CVE-2025-36187
Severity CVSS v4.0:
Pending analysis
Type:
CWE-532
Information Exposure Through Log Files
Publication date:
25/03/2026
Last modified:
31/03/2026
Description
IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5,1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user.
Impact
Base Score 3.x
4.40
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:ibm:knowledge_catalog:5.0.0:*:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:knowledge_catalog:5.0.1:*:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:knowledge_catalog:5.0.2:*:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:knowledge_catalog:5.0.3:*:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:knowledge_catalog:5.1:*:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:knowledge_catalog:5.1.1:*:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:knowledge_catalog:5.1.2:*:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:knowledge_catalog:5.1.3:*:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:knowledge_catalog:5.2.0:*:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:knowledge_catalog:5.2.1:*:*:*:standard:*:*:* | ||
| cpe:2.3:o:redhat:openshift:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page