1. Home
  2. CVE Database
  3. CVE-2025-36202
HIGH · 7.5

CVE-2025-36202

IBM webMethods Integration 10.15 and 11.1 could allow an authenticated user with required execute Services to execute commands on the system due to the improper validation of format string strings pas...

Vulnerability Description

IBM webMethods Integration 10.15 and 11.1 could allow an authenticated user with required execute Services to execute commands on the system due to the improper validation of format string strings passed as an argument from an external source.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
IbmWebmethods Integration10.5

Related Weaknesses (CWE)

CWE-134

References

FAQ

What is CVE-2025-36202?

CVE-2025-36202 is a vulnerability with a CVSS score of 7.5 (HIGH). IBM webMethods Integration 10.15 and 11.1 could allow an authenticated user with required execute Services to execute commands on the system due to the improper validation of format string strings pas...

How severe is CVE-2025-36202?

CVE-2025-36202 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-36202?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Webmethods Integration.