CNNVD-202512-861 Information

CNNVD ID

CNNVD-202512-861

Related CVE

CVE-2025-36017

• CNNVD Published: 2025-12-08

Description (Chinese)

IBM Controller是美国国际商业机器（IBM）公司的一个基于 Web 的财务合并工具。 IBM Controller 11.1.0版本至11.1.1版本存在安全漏洞，该漏洞源于环境变量文件中存储未加密的敏感信息，可能导致信息泄露。

Description (English)

IBM Contractor is a web-based financial consolidation tool for the United States International Business Machine (IBM). There is a security loophole in IBM Contractors, versions 11.1.0 to 11.1.1, which originates from the storage of unencrypted sensitive information in environmental variables files, which may lead to the disclosure of information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

国际商业机器

Published

2025-12-08

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7253283 https://access.redhat.com/security/cve/cve-2025-36017

Patch

https://www.ibm.com/support/pages/node/7253283