Cyber Resilience

CVE-2025-36258

High

Published: 25 March 2026

Published
25 March 2026
Modified
26 March 2026
KEV Added
Patch
CVSS Score v3.1 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
EPSS Score 0.0001 0.5th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-36258 is a high-severity Plaintext Storage of a Password (CWE-256) vulnerability in Ibm Infosphere Information Server. Its CVSS base score is 7.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Credentials In Files (T1552.001); ranked at the 0.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and SC-28 (Protection of Information at Rest).

Deeper analysis

CVE-2025-36258 is a vulnerability in IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6, where the product stores user credentials and other sensitive information in plain text. This insecure storage allows the data to be read by a local user, as classified under CWE-256 (Plain-text Storage of a Password). The issue received a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N) and was published on 2026-03-25.

A local attacker requires only local access to the system with no privileges, low attack complexity, and no user interaction to exploit this vulnerability. Successful exploitation enables reading of plaintext credentials and sensitive information, resulting in high-impact confidentiality loss due to the changed scope from the attack surface.

IBM's security advisory at https://www.ibm.com/support/pages/node/7266489 provides details on mitigation, including recommended patches and configuration changes to address the plain-text storage issue.

EU & UK References

Vulnerability details

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 product stores user credentials and other sensitive information in plain text which can be read by a local user.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1552.001 Credentials In Files Credential Access
Adversaries may search local file systems and remote file shares for files containing insecurely stored credentials.
Why these techniques?

Plaintext credential storage (CWE-256) directly enables local reading of credentials from files/storage.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-7577Same product: Ibm Aix
CVE-2025-14974Same product: Ibm Aix
CVE-2024-52363Same product: Ibm Aix
CVE-2024-51459Same product: Ibm Aix
CVE-2025-13855Same product: Ibm Aix
CVE-2026-8855Same product: Ibm Aix
CVE-2026-6052Same product: Ibm Aix
CVE-2026-8850Same product: Ibm Aix
CVE-2024-41783Same product: Ibm Aix
CVE-2026-8856Same product: Ibm Aix

Affected Assets

ibm
infosphere information server
11.7.0.0 — 11.7.1.6

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires cryptographic mechanisms or physical safeguards to protect confidentiality of sensitive information like credentials stored at rest, preventing plain-text readability by local users.

prevent

Mandates protection of authenticators such as user credentials commensurate with information sensitivity, explicitly addressing insecure plain-text storage.

prevent

Enforces logical access controls to system resources storing sensitive information, mitigating unauthorized local user access to plain-text credentials.

References