CVE-2025-36096 — Insufficiently Protected Credentials in IBM Vios
Severity
8.1HIGHNVD
CNA9.0
EPSS
0.0%
top 92.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
PublishedNov 13
Latest updateNov 14
Description
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorized access by an attacker using man in the middle techniques.
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9