CVE-2025-36034

IBM InfoSphere DataStage Flow Designer in IBM InfoSphere Information Server 11.7 discloses sensitive user information in API requests in clear text that could be intercepted using man in the middle techniques.

Published: Jun 26, 2025
Updated: Jun 27, 2025
CVE: CVE-2025-36034
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.9
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-319

OWASP TOP 10:

A3 - Sensitive Data Exposure

Affected Software
References

Software	From	Fixed in
ibm / infosphere_information_server	11.7	11.7.x

https://www.ibm.com/support/pages/node/7237604

Vulnerability Database

CVE-2025-36034