CVE-2025-36105: CWE-526 Cleartext Storage of Sensitive Information in an Environment Variable in IBM Planning Analytics Advanced Certified Containers
IBM Planning Analytics Advanced Certified Containers 3.1.0 through 3.1.4 could allow a local privileged user to obtain sensitive information from environment variables.
AI Analysis
Technical Summary
CVE-2025-36105 is a vulnerability identified in IBM Planning Analytics Advanced Certified Containers versions 3.1.0 through 3.1.4. The issue stems from the cleartext storage of sensitive information in environment variables within the containerized environment. Environment variables are often used to store configuration data, including credentials or tokens, but storing sensitive data in cleartext increases the risk of exposure. A local privileged user—someone with elevated permissions on the host or container environment—can access these environment variables and extract sensitive information. The vulnerability is classified under CWE-526, which relates to cleartext storage of sensitive information. The CVSS v3.1 score is 4.4 (medium), reflecting that exploitation requires local privileged access but can lead to high confidentiality impact. There is no requirement for user interaction, and the vulnerability does not impact integrity or availability. No public exploits or active exploitation have been reported. The vulnerability was published in March 2026, with IBM as the vendor and assigner. The lack of available patches at the time of reporting suggests organizations should implement compensating controls until updates are released.
Potential Impact
The primary impact of this vulnerability is the potential unauthorized disclosure of sensitive information stored in environment variables. If a local privileged user is compromised or malicious, they could extract credentials, tokens, or other confidential data, which could then be used to escalate privileges, move laterally within the network, or access other sensitive systems. While the vulnerability does not directly affect system integrity or availability, the confidentiality breach could lead to broader security incidents, including data breaches or compliance violations. Organizations relying on IBM Planning Analytics Advanced Certified Containers in environments with multiple users or shared infrastructure are at higher risk. The requirement for local privileged access limits remote exploitation but does not eliminate risk from insider threats or attackers who have already gained elevated access.
Mitigation Recommendations
1. Restrict local privileged access strictly to trusted administrators and monitor for unauthorized privilege escalations.
2. Implement robust access controls and auditing on systems running IBM Planning Analytics containers to detect suspicious access to environment variables.
3. Avoid storing sensitive information in environment variables; use secure secret management solutions or encrypted storage mechanisms instead.
4. Apply vendor patches or updates promptly once available to address this vulnerability directly.
5. Employ container security best practices, including minimizing container privileges and isolating workloads.
6. Conduct regular security reviews and penetration testing focusing on container environments to identify and remediate similar issues.
7. Use runtime security tools that can detect anomalous access to environment variables or sensitive data within containers.
8. Educate administrators and users about the risks of local privilege misuse and enforce strict operational security policies.
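An added example (not IBM's code and not part of the original page) supporting recommendations 2 and 3: a Python audit that parses a NUL-separated environment block, the layout Linux exposes at /proc/<pid>/environ, and reports secret-like variable names that hold a cleartext value, without ever returning the value itself. The name patterns, the `_FILE` mounted-secret convention and the sample variable names are assumptions for illustration, not names taken from the product.

```python
import re

# Name fragments that usually indicate a credential (heuristic, not exhaustive).
SECRET_NAME = re.compile(
    r"(PASSWORD|PASSWD|SECRET|TOKEN|API_?KEY|PRIVATE_?KEY|CREDENTIAL)", re.I
)


def parse_environ(block: bytes) -> dict:
    """Parse a NUL-separated KEY=VALUE block (the /proc/<pid>/environ layout)."""
    env = {}
    for entry in block.split(b"\0"):
        if not entry or b"=" not in entry:
            continue  # skip the trailing empty entry and malformed items
        name, _, value = entry.partition(b"=")
        env[name.decode("utf-8", "replace")] = value.decode("utf-8", "replace")
    return env


def is_file_reference(name: str, value: str) -> bool:
    """True when the variable points at a mounted secret file instead of holding it."""
    return name.upper().endswith("_FILE") and value.startswith("/")


def audit_environ(block: bytes) -> list:
    """Return findings for secret-like variables that hold a cleartext value.

    Values are never returned; only the variable name and value length are.
    """
    findings = []
    for name, value in sorted(parse_environ(block).items()):
        if not SECRET_NAME.search(name) or not value:
            continue  # not secret-like, or nothing stored in it
        if is_file_reference(name, value):
            continue  # reference to a secret file, not the secret itself
        findings.append({"name": name, "value_length": len(value)})
    return findings


# Constructed sample block; variable names are hypothetical, not from the product.
SAMPLE = (
    b"PATH=/usr/bin:/bin\0"
    b"DB_PASSWORD=example-only-value\0"
    b"ADMIN_API_KEY=0000-constructed\0"
    b"TLS_PRIVATE_KEY_FILE=/run/secrets/tls.key\0"
    b"SERVICE_TOKEN=\0"
)
```

Run against the environment block of each container process during a review, the findings list shows which variables should move to a secret manager or a mounted secret file.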
Affected Countries
United States, Germany, United Kingdom, Canada, Australia, Japan, France, Netherlands, India, Brazil
Technical Details
- Data Version: 5.2
- Assigner Short Name: ibm
- Date Reserved: 2025-04-15T21:16:16.298Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 69af7192ea502d3aa8ea5c71
Added to database: 3/10/2026, 1:19:14 AM
Last enriched: 3/10/2026, 1:33:37 AM
Last updated: 4/24/2026, 8:02:40 AM