PT-2026-53983 · Ibm · Devops Automation+1
Sunil Dandamudi
·
Published
2026-06-30
·
Updated
2026-06-30
·
CVE-2025-36359
CVSS v3.1
8.1
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
IBM DevOps Automation 1.0.1 and IBM DevOps Loop 1.0.2 does not invalidate session IDs after expiration which could allow an authenticated user to impersonate another user on the system.
Fix
Insufficient Session Expiration
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Devops Automation
Devops Loop