CNNVD-202509-060 Information

CNNVD ID

CNNVD-202509-060

Related CVE

CVE-2025-36133

• CNNVD Published: 2025-09-01

Description (Chinese)

IBM App Connect Enterprise Certified Container是美国国际商业机器（IBM）公司的一个基于 IBM App Connect Enterprise 软件产品的映像。以可执行文件的形式提供软件包，可以在容器化环境中部署和运行。 IBM App Connect Enterprise Certified Container存在日志信息泄露漏洞，该漏洞源于安装过程中日志文件存储敏感信息，可能导致本地用户读取。以下版本受到影响：9.2.0至11.6.0版本、12.1.0至12.14.0版本和12.0 LTS 12.0.0至12.0.14版本。

Description (English)

IBM App Connect Enterprise Certified Container is an image based on IBM App Connect Enterprise software products of the United States International Business Machine (IBM). Software packages are available in the form of implementable documents and can be deployed and operated in a containerized environment. The IBM App Connect Enterprise Centre Consortium has a log leak that originates from the storage of sensitive log files during installation, which may lead to local user reading. The following versions were affected: 9.2.0 to 11.6.0, 12.1.0 to 12.14.0 and 12.0 to 12.0.14.

Hazard Level

High

Vulnerability Type

日志信息泄露

Affected Vendor

国际商业机器

Published

2025-09-01

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7243690 https://access.redhat.com/security/cve/cve-2025-36133 https://nvd.nist.gov/vuln/detail/CVE-2025-36133

Patch

https://www.ibm.com/support/pages/node/7243690