CVE-2025-13755 | THREATINT

Description

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes DB2 Connect Server) stores potentially sensitive information in log files that could be read by a local user.

PUBLISHED Reserved 2025-11-26 | Published 2026-05-26 | Updated 2026-05-26 | Assigner ibm

MEDIUM: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-532 Insertion of Sensitive Information into Log File

Product status

11.5.0 (semver)

affected

12.1.0 (semver)

affected

References

www.ibm.com/support/pages/node/7273554 vendor-advisory patch

cve.org (CVE-2025-13755)

nvd.nist.gov (CVE-2025-13755)

Download JSON