Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

DevOps Plan

Source -

CNA

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
2Vulnerabilities found
CVE-2025-36363
Assigner-IBM Corporation
ShareView Details
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-Not Assigned
Published-03 Mar, 2026 | 19:46
Updated-03 Mar, 2026 | 21:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM DevOps Plan is vulnerable to Excessive Authentication Attempts

IBM DevOps Plan 3.0.0 through 3.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.

Action-Not Available
Vendor-IBM Corporation
Product-DevOps Plan
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CVE-2025-36364
Assigner-IBM Corporation
ShareView Details
Assigner-IBM Corporation
CVSS Score-6.2||MEDIUM
EPSS-Not Assigned
Published-03 Mar, 2026 | 19:43
Updated-03 Mar, 2026 | 21:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM DevOps Plan REST APIs are vulnerable to exposure of sensitive data through request query parameters.

IBM DevOps Plan 3.0.0 through 3.0.5 allows web page cache to be stored locally which can be read by another user on the system.

Action-Not Available
Vendor-IBM Corporation
Product-DevOps Plan
CWE ID-CWE-525
Use of Web Browser Cache Containing Sensitive Information