Description
IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0, and 12.0 LTS: 12.0.0 through 12.0.14stores potentially sensitive information in log files during installation that could be read by a local user on the container.
Published: 2025-09-01
Score: 5.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-26340 IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0, and 12.0 LTS: 12.0.0 through 12.0.14stores potentially sensitive information in log files during installation that could be read by a local user on the container.
History

Thu, 18 Dec 2025 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Ibm app Connect Enterprise Certified Containers Operands
Ibm app Connect Operator
CPEs cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.10.0:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.10.0:r2:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.10.0:r3:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.11.1:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.11.2:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.11.3:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.0:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.0:r2:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.2:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.3:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.4:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.5:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r10:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r11:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r12:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r13:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r14:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r1:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r2:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r3:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r4:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r5:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r6:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r7:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r8:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r9:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.9.0:r2:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.9.0:r3:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.1.0:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.1.0:r2:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.1.1:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.2.0:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.2.1:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.2.2:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.2.2:r2:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.3.0:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.3.1:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.4.0:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.4.1:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:lts:*:*:*
Vendors & Products Ibm app Connect Enterprise Certified Containers Operands
Ibm app Connect Operator

Tue, 02 Sep 2025 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 01 Sep 2025 12:00:00 +0000

Type Values Removed Values Added
Description IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0, and 12.0 LTS: 12.0.0 through 12.0.14stores potentially sensitive information in log files during installation that could be read by a local user on the container.
Title IBM App Connect Enterprise information disclosure
First Time appeared Ibm
Ibm app Connect Enterprise Certified Container
Weaknesses CWE-532
CPEs cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.0:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.1:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.0:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.1:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.2:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.3:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.4:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.5:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.6:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.0:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.10:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.1:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.2:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.3:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.4:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.5:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.6:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.7:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.8:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.9:-:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.2:-:*:*:*:*:*:*
Vendors & Products Ibm
Ibm app Connect Enterprise Certified Container
References
Metrics cvssV3_1

{'score': 5.9, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N'}

Subscriptions

Ibm App Connect Enterprise Certified Container App Connect Enterprise Certified Containers Operands App Connect Operator
cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published:

Updated: 2025-09-02T20:33:30.540Z

Reserved: 2025-04-15T21:16:19.007Z

Link: CVE-2025-36133

cve-icon Vulnrichment

Updated: 2025-09-02T20:33:25.449Z

cve-icon NVD

Status : Analyzed

Published: 2025-09-01T12:15:31.333

Modified: 2025-12-18T17:49:01.383

Link: CVE-2025-36133

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses