CVE-2025-36419 - Vulnerability Details - OpenCVE

IBM ApplinX 11.1 could disclose sensitive information about server architecture that could aid in further attacks against the system.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Ibm Subscribe	Applinx Subscribe

No data.

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

IBM strongly recommends addressing the vulnerabilities now by upgrading IBM ApplinX. Product Version Remediation/Fix IBM ApplinX 11.1 Download and apply the update from Fix Central here .

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.ibm.com/support/pages/node/7257446

History

Tue, 20 Jan 2026 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 20 Jan 2026 16:00:00 +0000

Type	Values Removed	Values Added
Description		IBM ApplinX 11.1 could disclose sensitive information about server architecture that could aid in further attacks against the system.
Title		Multiple vulnerabilities found in IBM ApplinX.
First Time appeared		Ibm Ibm applinx
Weaknesses		CWE-550
CPEs		cpe:2.3:a:ibm:applinx:11.1:::::::*
Vendors & Products		Ibm Ibm applinx
References		https://www.ibm.com/support/pages/node/7257446
Metrics		cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2026-01-20T15:53:37.574Z

Updated: 2026-01-20T16:07:57.795Z

Reserved: 2025-04-15T21:17:01.668Z

Link: CVE-2025-36419

Vulnrichment

Updated: 2026-01-20T16:07:51.435Z

NVD

Status : Received

Published: 2026-01-20T16:16:04.960

Modified: 2026-01-20T16:16:04.960

Link: CVE-2025-36419

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-550

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-36419", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2025-04-15T21:17:01.668Z", "datePublished": "2026-01-20T15:53:37.574Z", "dateUpdated": "2026-01-20T16:07:57.795Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:ibm:applinx:11.1:*:*:*:*:*:*:*"], "product": "ApplinX", "vendor": "IBM", "versions": [{"status": "affected", "version": "11.1"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>IBM ApplinX 11.1 could disclose sensitive information about server architecture that could aid in further attacks against the system.</p>"}], "value": "IBM ApplinX 11.1 could disclose sensitive information about server architecture that could aid in further attacks against the system."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-550", "description": "CWE-550 Server-generated Error Message Containing Sensitive Information", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-01-20T15:53:37.574Z"}, "references": [{"tags": ["vendor-advisory", "patch"], "url": "https://www.ibm.com/support/pages/node/7257446"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>IBM strongly recommends addressing the vulnerabilities now by upgrading IBM ApplinX. Product Version Remediation/Fix IBM ApplinX 11.1 Download and apply the update from Fix Central here .</p>"}], "value": "IBM strongly recommends addressing the vulnerabilities now by upgrading IBM ApplinX. Product Version Remediation/Fix IBM ApplinX 11.1 Download and apply the update from Fix Central here ."}], "title": "Multiple vulnerabilities found in IBM ApplinX.", "x_generator": {"engine": "ibm-cvegen"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-20T16:07:37.381513Z", "id": "CVE-2025-36419", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-20T16:07:57.795Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-36419", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-20T16:07:37.381513Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-20T16:07:51.435Z"}}], "cna": {"title": "Multiple vulnerabilities found in IBM ApplinX.", "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:ibm:applinx:11.1:*:*:*:*:*:*:*"], "vendor": "IBM", "product": "ApplinX", "versions": [{"status": "affected", "version": "11.1"}]}], "solutions": [{"lang": "en", "value": "IBM strongly recommends addressing the vulnerabilities now by upgrading IBM ApplinX. Product Version Remediation/Fix IBM ApplinX 11.1 Download and apply the update from Fix Central here .", "supportingMedia": [{"type": "text/html", "value": "<p>IBM strongly recommends addressing the vulnerabilities now by upgrading IBM ApplinX. Product Version Remediation/Fix IBM ApplinX 11.1 Download and apply the update from Fix Central here .</p>", "base64": false}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7257446", "tags": ["vendor-advisory", "patch"]}], "x_generator": {"engine": "ibm-cvegen"}, "descriptions": [{"lang": "en", "value": "IBM ApplinX 11.1 could disclose sensitive information about server architecture that could aid in further attacks against the system.", "supportingMedia": [{"type": "text/html", "value": "<p>IBM ApplinX 11.1 could disclose sensitive information about server architecture that could aid in further attacks against the system.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-550", "description": "CWE-550 Server-generated Error Message Containing Sensitive Information"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-01-20T15:53:37.574Z"}}}, "cveMetadata": {"cveId": "CVE-2025-36419", "state": "PUBLISHED", "dateUpdated": "2026-01-20T16:07:57.795Z", "dateReserved": "2025-04-15T21:17:01.668Z", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "datePublished": "2026-01-20T15:53:37.574Z", "assignerShortName": "ibm"}, "dataVersion": "5.2"}