Local Information Disclosure in IBM Planning Analytics Containers
CVE-2025-36105

4.4MEDIUM

Key Information:

Vendor: IBM
Status: Planning Analytics Advanced Certified Containers
Vendor: CVE Published:; 10 March 2026

What is CVE-2025-36105?

A local privileged user can exploit a vulnerability within IBM Planning Analytics Advanced Certified Containers versions 3.1.0 through 3.1.4 to gain unauthorized access to sensitive information stored in environment variables. This issue highlights the importance of securing containerized applications to prevent unauthorized data access and potential breaches.

Affected Version(s)

Planning Analytics Advanced Certified Containers 3.1.0 <= 3.1.4

References

https://www.ibm.com/support/pages/node/7262806

vendor-advisorypatch

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 10, 2026
Vulnerability Reserved
Apr 15, 2025

CVE-2025-36105 Data

JSON