Sensitive Information Exposure in IBM InfoSphere Information Server
CVE-2025-36258

7.1HIGH

Key Information:

Vendor

IBM

Vendor
CVE Published:
25 March 2026

What is CVE-2025-36258?

IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 have a vulnerability that allows local users to access sensitive information, including user credentials, stored in plain text. This security flaw poses a significant risk as it enables unauthorized users to easily read and exploit confidential data. Organizations using these versions should prioritize upgrading to secure their systems against potential data breaches.

Affected Version(s)

InfoSphere Information Server 11.7.0.0 <= 11.7.1.6

References

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.