VYPR
Medium severity4.1NVD Advisory· Published Apr 1, 2026· Updated Apr 6, 2026

CVE-2025-36373

CVE-2025-36373

Description

IBM DataPower Gateway 10.6CD 10.6.1.0 through 10.6.5.0 and IBM DataPower Gateway 10.5.0 10.5.0.0 through 10.5.0.20 and IBM DataPower Gateway 10.6.0 10.6.0.0 through 10.6.0.8 IBM DataPower Gateway could disclose sensitive system information from other domains to an administrative user.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:ibm:datapower_gateway:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibm:datapower_gateway:*:*:*:*:*:*:*:*range: >=10.5.0.0,<10.5.0.21
    • cpe:2.3:a:ibm:datapower_gateway:*:*:*:*:continuous_delivery:*:*:*range: >=10.6.1.0,<10.6.6.0
    • (no CPE)range: >= 10.5.0.0 <= 10.5.0.20 || >= 10.6.0.0 <= 10.6.0.8 || >= 10.6.1.0 <= 10.6.5.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.