CVE-2025-36105

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-36105
IBM Planning Analytics Advanced Certified Containers 3.1.0 through 3.1.4 could allow a local privileged user to obtain sensitive information from environment variables.

4.4 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://www.ibm.com/support/pages/node/7262806 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:planning_analytics_advanced_certified_containers:*:*:*:*:*:*:*:*
History

06 May 2026, 18:34

Type Values Removed Values Added
CPE cpe:2.3:a:ibm:planning_analytics_advanced_certified_containers:*:*:*:*:*:*:*:*
References () https://www.ibm.com/support/pages/node/7262806 - () https://www.ibm.com/support/pages/node/7262806 - Vendor Advisory
First Time Ibm planning Analytics Advanced Certified Containers
Ibm
Summary
  • (es) IBM Planning Analytics Advanced Certified Containers 3.1.0 a través de 3.1.4 podría permitir a un usuario local privilegiado obtener información sensible de las variables de entorno.
CWE CWE-312

10 Mar 2026, 16:50

Type Values Removed Values Added
New CVE
Information

Published : 2026-03-10 16:50

Updated : 2026-05-06 18:34

NVD link : CVE-2025-36105

Mitre link : CVE-2025-36105

CVE.ORG link : CVE-2025-36105

JSON object : View

Products Affected

ibm

  • planning_analytics_advanced_certified_containers
CWE
CWE-526

Cleartext Storage of Sensitive Information in an Environment Variable

CWE-312

Cleartext Storage of Sensitive Information