CVE Vulnerabilities

CVE-2025-0985

Cleartext Storage of Sensitive Information in an Environment Variable

Published: Feb 28, 2025 | Modified: Feb 28, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD

stores potentially sensitive information in environment variables that could be obtained by a local user.

Weakness

The product uses an environment variable to store unencrypted sensitive information.

Potential Mitigations

References