CVE-2025-25048

🗓️ 04 Sep 2025 15:06:15Reported by ibmType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 7 Views

CVE-2025-25048 allows authenticated upload to a restricted directory in IBM Jazz Foundation via path traversal.

Reporter	Title	Published	Views	Family All 10
IBM Security Bulletins	Security Bulletin: The IBM® Engineering Lifecycle Management - Jazz Foundation is impacted by Relative Path Traversal vulnerability.	24 Sep 202518:25	–	ibm
Circl	CVE-2025-25048	9 Jan 202603:04	–	circl
CNNVD	IBM Jazz Foundation 安全漏洞	4 Sep 202500:00	–	cnnvd
Cvelist	CVE-2025-25048 IBM Jazz Foundation path traversal	4 Sep 202515:06	–	cvelist
EUVD	EUVD-2025-26723	3 Oct 202520:07	–	euvd
NVD	CVE-2025-25048	4 Sep 202515:15	–	nvd
OSV	CVE-2025-25048	4 Sep 202515:15	–	osv
Positive Technologies	PT-2025-35945	4 Sep 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-25048	6 Sep 202515:25	–	redhatcve
Vulnrichment	CVE-2025-25048 IBM Jazz Foundation path traversal	4 Sep 202515:06	–	vulnrichment

NVD

Vulners

Node

ibm jazz_foundationMatch7.0.2-

ibm jazz_foundationMatch7.0.2ifix001

ibm jazz_foundationMatch7.0.2ifix002

ibm jazz_foundationMatch7.0.2ifix003

ibm jazz_foundationMatch7.0.2ifix004

ibm jazz_foundationMatch7.0.2ifix005

ibm jazz_foundationMatch7.0.2ifix006

ibm jazz_foundationMatch7.0.2ifix007

ibm jazz_foundationMatch7.0.2ifix008a

ibm jazz_foundationMatch7.0.2ifix009

ibm jazz_foundationMatch7.0.2ifix010

ibm jazz_foundationMatch7.0.2ifix011

ibm jazz_foundationMatch7.0.2ifix012

ibm jazz_foundationMatch7.0.2ifix013

ibm jazz_foundationMatch7.0.2ifix014

ibm jazz_foundationMatch7.0.2ifix016

ibm jazz_foundationMatch7.0.2ifix017

ibm jazz_foundationMatch7.0.2ifix018

ibm jazz_foundationMatch7.0.2ifix020a

ibm jazz_foundationMatch7.0.2ifix021

ibm jazz_foundationMatch7.0.2ifix022

ibm jazz_foundationMatch7.0.2ifix023

ibm jazz_foundationMatch7.0.2ifix024

ibm jazz_foundationMatch7.0.2ifix025

ibm jazz_foundationMatch7.0.2ifix026a

ibm jazz_foundationMatch7.0.2ifix027

ibm jazz_foundationMatch7.0.2ifix028

ibm jazz_foundationMatch7.0.2ifix029

ibm jazz_foundationMatch7.0.2ifix030

ibm jazz_foundationMatch7.0.2ifix031

ibm jazz_foundationMatch7.0.2ifix032

ibm jazz_foundationMatch7.0.2ifix033

ibm jazz_foundationMatch7.0.3-

ibm jazz_foundationMatch7.0.3ifix001

ibm jazz_foundationMatch7.0.3ifix002

ibm jazz_foundationMatch7.0.3ifix003

ibm jazz_foundationMatch7.0.3ifix004

ibm jazz_foundationMatch7.0.3ifix005

ibm jazz_foundationMatch7.0.3ifix006

ibm jazz_foundationMatch7.0.3ifix007

ibm jazz_foundationMatch7.0.3ifix008

ibm jazz_foundationMatch7.0.3ifix009

ibm jazz_foundationMatch7.0.3ifix010

ibm jazz_foundationMatch7.0.3ifix011

ibm jazz_foundationMatch7.0.3ifix012

ibm jazz_foundationMatch7.1.0-

ibm jazz_foundationMatch7.1.0ifix001

ibm jazz_foundationMatch7.1.0ifix002

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:jazz_foundation:7.0.2:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix033:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:jazz_foundation:7.0.3:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix012:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:jazz_foundation:7.1.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:jazz_foundation:7.1.0:ifix002:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Jazz Foundation",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "7.0.2 iFix033",
        "status": "affected",
        "version": "7.0.2",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "7.0.3 iFix012",
        "status": "affected",
        "version": "7.0.3",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "7.1.0 iFix002",
        "status": "affected",
        "version": "7.1.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7244014

09 Jan 2026 02:31Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.16.5

EPSS0.00067

SSVC

CWE-23