Skip to main content

IBM CVE-2025-36187

| EUVD-2025-209040 MEDIUM
Insertion of Sensitive Information into Log File (CWE-532)
2026-03-25 ibm
Information Disclosure IBM
4.4
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

4
EUVD ID Assigned
Mar 25, 2026 - 21:32 euvd
EUVD-2025-209040
Analysis Generated
Mar 25, 2026 - 21:32 vuln.today
Patch released
Mar 25, 2026 - 21:32 nvd
Patch available
CVE Published
Mar 25, 2026 - 21:26 nvd
MEDIUM 4.4

DescriptionNVD

IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5,1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user.

AnalysisAI

IBM Knowledge Catalog Standard Cartridge versions 5.0.0 through 5.2.1 improperly store sensitive information in log files that can be read by local privileged users. An attacker with high privileges on the affected system can access these logs to disclose confidential data without requiring user interaction. While no active exploitation in the wild or public proof-of-concept has been reported, a vendor patch is available and should be applied promptly.

Technical ContextAI

This vulnerability is classified as CWE-532 (Insertion of Sensitive Information into Log File), a well-established information disclosure weakness in which applications fail to properly sanitize or protect sensitive data before writing to log files. IBM Knowledge Catalog Standard Cartridge, an enterprise data governance and metadata management tool, writes potentially sensitive information (such as credentials, tokens, or personal identifiable information) to locally accessible log files without appropriate redaction or encryption. The affected products are identified via CPE cpe:2.3:a:ibm:knowledge_catalog_standard_cartridge with no version constraints in the CPE string, confirming the vulnerability spans multiple minor and patch versions from 5.0.0 through 5.2.1. Local privileged users with file system access can bypass normal application access controls to read these unprotected logs.

RemediationAI

Upgrade IBM Knowledge Catalog Standard Cartridge to the patched version specified in the vendor advisory at https://www.ibm.com/support/pages/node/7267542. As an immediate interim control, restrict file system access to log directories to only the application service account and system administrators with legitimate operational need; prevent unprivileged users from reading application logs via file permissions (chmod 640 or more restrictive on Unix/Linux systems, or equivalent ACLs on Windows). Additionally, implement log redaction or masking rules to prevent sensitive data (credentials, API keys, PII) from being written to logs in the first place, and consider centralizing logs to a protected logging infrastructure with access controls. Monitor log file access patterns to detect unauthorized reads.

More from same product – last 7 days

CVE-2026-7524 CRITICAL
9.8 May 27

Remote code execution in IBM Langflow OSS versions 1.0.0 through 1.9.1 lets unauthenticated network attackers run arbitr
CVE-2026-8175 CRITICAL
9.8 May 27

Remote code execution and authentication bypass are possible in IBM Aspera High-Speed Transfer Server and High-Speed Tra
CVE-2026-7876 CRITICAL
9.1 May 27

Authentication bypass in IBM Aspera High-Speed Transfer Server for Cloud Pak for Integration (CP4I) versions 1.5.1 throu
CVE-2026-5065 HIGH
8.8 May 27

Hard-coded credentials in IBM Controller (versions 11.0.1, 11.1.0, 11.1.1, and 11.1.2) give attackers a static, embedded
CVE-2026-8179 HIGH
8.8 May 27

Arbitrary code execution in IBM Aspera High-Speed Transfer Server and Endpoint (versions 3.7.4 through 4.4.7 Fix Pack 1)

Share

CVE-2025-36187 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy