PT-2025-35476 · Ibm · Ibm App Connect Enterprise Certified Container
Published
2025-09-01
·
Updated
2025-09-01
·
CVE-2025-36133
CVSS v3.1
5.9
Medium
| Vector | AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM App Connect Enterprise Certified Container CD versions 9.2.0 through 11.6.0
IBM App Connect Enterprise Certified Container CD versions 12.1.0 through 12.14.0
IBM App Connect Enterprise Certified Container CD 12.0 LTS versions 12.0.0 through 12.0.14
Description
The software stores potentially sensitive information in log files during installation. This information could be read by a local user on the container.
Recommendations
Ensure appropriate access controls are in place to restrict access to log files for IBM App Connect Enterprise Certified Container CD versions 9.2.0 through 11.6.0.
Ensure appropriate access controls are in place to restrict access to log files for IBM App Connect Enterprise Certified Container CD versions 12.1.0 through 12.14.0.
Ensure appropriate access controls are in place to restrict access to log files for IBM App Connect Enterprise Certified Container CD 12.0 LTS versions 12.0.0 through 12.0.14.
Fix
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm App Connect Enterprise Certified Container