CVE-2025-36034 | THREATINT

Description

IBM InfoSphere DataStage Flow Designer in IBM InfoSphere Information Server 11.7 discloses sensitive user information in API requests in clear text that could be intercepted using man in the middle techniques.

PUBLISHED Reserved 2025-04-15 | Published 2025-06-26 | Updated 2025-08-26 | Assigner ibm

MEDIUM: 5.3CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-319 Cleartext Transmission of Sensitive Information

Product status

Default status

unaffected

11.7

affected

References

www.ibm.com/support/pages/node/7237604 vendor-advisory patch

cve.org (CVE-2025-36034)

nvd.nist.gov (CVE-2025-36034)

Download JSON