VYPR
Unrated severityNVD Advisory· Published Aug 8, 2025· Updated Feb 26, 2026

IBM i authentication bypass

CVE-2025-36119

Description

IBM i 7.3, 7.4, 7.5, and 7.6 is affected by an authenticated user obtaining elevated privileges with IBM Digital Certificate Manager for i (DCM) due to a web session hijacking vulnerability. An authenticated user without administrator privileges could exploit this vulnerability to perform actions in DCM as an administrator.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • IBM/Iv52 versions
    cpe:2.3:a:ibm:i:7.3:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ibm:i:7.3:*:*:*:*:*:*:*range: 7.3
    • (no CPE)range: 7.3, 7.4, 7.5, 7.6

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.