6.5
CVE-2025-36017
- EPSS 0.03%
- Veröffentlicht 08.12.2025 21:37:10
- Zuletzt bearbeitet 10.12.2025 18:08:41
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM Controller Information Disclosure
IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 stores unencrypted sensitive information in environmental variables files which can be obtained by an authenticated user.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Controller Version >= 11.1.0 < 11.1.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.082 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@us.ibm.com | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
CWE-526 Cleartext Storage of Sensitive Information in an Environment Variable
The product uses an environment variable to store unencrypted sensitive information.