Local Privileged Info Leak via Env Vars in IBM Planning Analytics Ac 3.1.0-4
CVE-2025-36105 Published on March 10, 2026
IBM Planning Analytics Advanced Certified Containers is vulnerable to a sensitive information disclosure vulnerability
IBM Planning Analytics Advanced Certified Containers 3.1.0 through 3.1.4 could allow a local privileged user to obtain sensitive information from environment variables.
Vulnerability Analysis
CVE-2025-36105 can be exploited with local system access, and requires user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Weakness Type
Exposure of Sensitive Information Through Environmental Variables
Environmental variables may contain sensitive information about a remote server.
Products Associated with CVE-2025-36105
Want to know whenever a new CVE is published for IBM Planning Analytics Advanced Certified Containers? stack.watch will email you.
Affected Versions
IBM Planning Analytics Advanced Certified Containers:- Version 3.1.0, <= 3.1.4 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.