PT-2026-28132 · Ibm · Knowledge Catalog Standard Cartridge
Published
2026-03-25
·
Updated
2026-03-26
·
CVE-2025-36187
CVSS v3.1
4.4
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Knowledge Catalog Standard Cartridge versions 5.0.0 through 5.0.3
IBM Knowledge Catalog Standard Cartridge versions 5.1 through 5.1.3
IBM Knowledge Catalog Standard Cartridge versions 5.2.0 through 5.2.1
Description
The software stores potentially sensitive information in log files. A local privileged user could read this information.
Recommendations
Apply appropriate access controls to the log files to restrict read access to authorized personnel only.
Review log file content regularly for sensitive data and implement data masking or redaction techniques if necessary.
Consider disabling detailed logging if it is not essential for operational purposes.
Fix
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Knowledge Catalog Standard Cartridge