Sensitive Information Exposure in IBM App Connect Enterprise
CVE-2025-36133

5.9MEDIUM

Key Information:

Vendor: IBM
Status: App Connect Enterprise Certified Container
Vendor: CVE Published:; 1 September 2025

What is CVE-2025-36133?

Certain versions of IBM App Connect Enterprise Certified Container can expose potentially sensitive information in log files during the installation process. This information may be accessible to a local user within the container environment, posing a security risk. It is crucial for system administrators to address this vulnerability to prevent unauthorized access to sensitive data.

Affected Version(s)

App Connect Enterprise Certified Container 9.2.0 <= 11.6.0

App Connect Enterprise Certified Container 12.0.0 <= 12.0.14

App Connect Enterprise Certified Container 12.1.0 <= 12.14.0

References

https://www.ibm.com/support/pages/node/7243690

vendor-advisorypatch

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 1, 2025
Vulnerability Reserved
Apr 15, 2025