CVE-2025-36131
Essential information
- Published
- 07/11/2025 19:16
- Modified
- 19/11/2025 16:28
- Author
- —
- Creator
- —
- CVSS
- 4.6 MEDIUM (v3.1)
- CISA KEV
- No
- CWE
- —
- CVSS vector
-
—
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N—
CVSS metrics
- Access vector
- —
- Access complexity
- —
- Authentication
- —
- Confidentiality impact
- —
- Integrity impact
- —
- Availability impact
- —
- Exploitability
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- PHYSICAL
- Attack complexity
- LOW
- Privileges required
- NONE
- User interaction
- NONE
- Scope
- UNCHANGED
- Confidentiality impact
- HIGH
- Integrity impact
- NONE
- Availability impact
- NONE
- Exploit code maturity
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- —
- Attack complexity
- —
- Attack requirements
- —
- Privileges required
- —
- User interaction
- —
- Confidentiality (V)
- —
- Confidentiality (S)
- —
- Integrity (V)
- —
- Integrity (S)
- —
- Availability (V)
- —
- Availability (S)
- —
- Exploit maturity
- —
Description
IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) clpplus command exposes user credentials to the terminal which could be obtained by a third party with physical access to the system.
NVD status
- Status
- Analyzed — CVE has had analysis completed and all data associations made.
- Source
- [email protected]
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| ibm / db2 | cpe:2.3:a:ibm:db2:*:*:*:*:*:linux:*:* |
| ibm / db2 | cpe:2.3:a:ibm:db2:*:*:*:*:*:unix:*:* |
| ibm / db2 | cpe:2.3:a:ibm:db2:*:*:*:*:*:windows:*:* |
| ibm / db2 | cpe:2.3:a:ibm:db2:*:*:*:*:*:linux:*:* |
| ibm / db2 | cpe:2.3:a:ibm:db2:*:*:*:*:*:unix:*:* |
| ibm / db2 | cpe:2.3:a:ibm:db2:*:*:*:*:*:windows:*:* |
| ibm / db2 | cpe:2.3:a:ibm:db2:*:*:*:*:*:linux:*:* |
| ibm / db2 | cpe:2.3:a:ibm:db2:*:*:*:*:*:unix:*:* |
| ibm / db2 | cpe:2.3:a:ibm:db2:*:*:*:*:*:windows:*:* |