CVE-2025-36418
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2026-01-20
Last updated on: 2026-01-26
Assigner: IBM Corporation
Description
Description
IBM ApplinX 11.1 is vulnerable due to a privilege escalation vulnerability due to improper verification of JWT tokens. An attacker may be able to craft or modify a JSON web token in order to impersonate another user or to elevate their privileges.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ibm | applinx | 11.1.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-347 | The product does not verify, or incorrectly verifies, the cryptographic signature for data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in IBM ApplinX 11.1 is a privilege escalation issue caused by improper verification of JSON Web Tokens (JWT). An attacker can craft or modify a JWT to impersonate another user or elevate their privileges within the system.
How can this vulnerability impact me? :
The vulnerability can allow an attacker to gain unauthorized access by impersonating other users or increasing their privileges, potentially leading to unauthorized actions, data exposure, or system compromise.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70