CVE-2025-36373 | IBM DataPower Gateway 10.6.0 up to 10.6.5.0 exposure of sensitive system information to an unauthorized control sphere

A vulnerability described as problematic has been identified in IBM DataPower Gateway 10.6CD, DataPower Gateway 10.5.0 and DataPower Gateway 10.6.0 up to 10.6.5.0. This vulnerability affects unknown code. The manipulation results in exposure of sensitive system information to an unauthorized control sphere.

This vulnerability is identified as CVE-2025-36373. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More