CVE-2025-36133

IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0, and12.0 LTS: 12.0.0 through 12.0.14stores potentially sensitive information in log files during installation that could be read by a local user on the container.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.9 MEDIUM
LOCAL
HIGH
NONE
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
ibmCNA
5.9 MEDIUM
LOCAL
HIGH
NONE
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
VendorProductVersion
ibmapp_connect_enterprise_certified_containers_operands
12.0.9.0:r2
ibmapp_connect_enterprise_certified_containers_operands
12.0.9.0:r3
ibmapp_connect_enterprise_certified_containers_operands
12.0.10.0:r1
ibmapp_connect_enterprise_certified_containers_operands
12.0.10.0:r2
ibmapp_connect_enterprise_certified_containers_operands
12.0.10.0:r3
ibmapp_connect_enterprise_certified_containers_operands
12.0.11.1:r1
ibmapp_connect_enterprise_certified_containers_operands
12.0.11.2:r1
ibmapp_connect_enterprise_certified_containers_operands
12.0.11.3:r1
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r1
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r10
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r11
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r12
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r13
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r14
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r2
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r3
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r4
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r5
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r6
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r7
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r8
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r9
ibmapp_connect_enterprise_certified_containers_operands
12.0.12.0:r1
ibmapp_connect_enterprise_certified_containers_operands
12.0.12.0:r2
ibmapp_connect_enterprise_certified_containers_operands
12.0.12.2:r1
ibmapp_connect_enterprise_certified_containers_operands
12.0.12.3:r1
ibmapp_connect_enterprise_certified_containers_operands
12.0.12.4:r1
ibmapp_connect_enterprise_certified_containers_operands
12.0.12.5:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.1.0:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.1.0:r2
ibmapp_connect_enterprise_certified_containers_operands
13.0.1.1:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.2.0:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.2.1:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.2.2:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.2.2:r2
ibmapp_connect_enterprise_certified_containers_operands
13.0.3.0:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.3.1:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.4.0:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.4.1:r1
ibmapp_connect_operator
9.2.0 ≤
𝑥
≤ 11.6.0
ibmapp_connect_operator
12.0.0 ≤
𝑥
< 12.15.0
ibmapp_connect_operator
12.1.0 ≤
𝑥
< 12.15.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.ibm.com/support/pages/node/7243690