PT-2026-53983 · Ibm · Devops Automation+1

Sunil Dandamudi

·

Published

2026-06-30

·

Updated

2026-06-30

·

CVE-2025-36359

CVSS v3.1

8.1

High

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
IBM DevOps Automation 1.0.1 and IBM DevOps Loop 1.0.2 does not invalidate session IDs after expiration which could allow an authenticated user to impersonate another user on the system.

Fix

Insufficient Session Expiration

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2025-36359

Affected Products

Devops Automation
Devops Loop