4.4

CVE-2025-36187

Multiple Security vulnerabilities affecting IBM Knowledge Catalog Standard Cartridge

IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5,1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmKnowledge Catalog Version5.0.0 SwEditionstandard
   RedhatOpenshift Version-
IbmKnowledge Catalog Version5.0.1 SwEditionstandard
   RedhatOpenshift Version-
IbmKnowledge Catalog Version5.0.2 SwEditionstandard
   RedhatOpenshift Version-
IbmKnowledge Catalog Version5.0.3 SwEditionstandard
   RedhatOpenshift Version-
IbmKnowledge Catalog Version5.1 SwEditionstandard
   RedhatOpenshift Version-
IbmKnowledge Catalog Version5.1.1 SwEditionstandard
   RedhatOpenshift Version-
IbmKnowledge Catalog Version5.1.2 SwEditionstandard
   RedhatOpenshift Version-
IbmKnowledge Catalog Version5.1.3 SwEditionstandard
   RedhatOpenshift Version-
IbmKnowledge Catalog Version5.2.0 SwEditionstandard
   RedhatOpenshift Version-
IbmKnowledge Catalog Version5.2.1 SwEditionstandard
   RedhatOpenshift Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.02% 0.03
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.4 0.8 3.6
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
psirt@us.ibm.com 4.4 0.8 3.6
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CWE-532 Insertion of Sensitive Information into Log File

The product writes sensitive information to a log file.