CVE-2025-36112: CWE-497 in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could reveal sensitive server IP configuration information to an unauthorized user.
AI Analysis
Technical Summary
CVE-2025-36112 is an information disclosure vulnerability in IBM Sterling B2B Integrator and IBM Sterling File Gateway. The affected versions are 6.0.0.0 through 6.1.2.7, 6.2.0.0 through 6.2.0.5, and 6.2.1.1. The flaw is categorized under CWE-497, which pertains to the exposure of sensitive information to unauthorized users. Specifically, an unauthenticated remote attacker can retrieve sensitive server IP configuration details. No privileges or user interaction are required, so any attacker with network access to the affected system can obtain the information.

The vulnerability has a CVSS v3.1 base score of 5.3 (medium severity). The attack vector is network-based with low attack complexity and no privileges required. The impact is limited to confidentiality; integrity and availability are unaffected.

Exposed IP configuration data can help attackers map internal network topology, identify critical infrastructure, and plan subsequent attacks such as lateral movement or targeted exploitation of other vulnerabilities. No public exploits have been reported yet, but the leak of sensitive configuration data is a significant risk in environments where IBM Sterling B2B Integrator is used for secure business-to-business file transfers and integrations. Organizations should verify their deployed versions against the affected ranges and apply any available patches or mitigations.
Potential Impact
For European organizations, the exposure of sensitive server IP configuration information can have several adverse effects. IBM Sterling B2B Integrator is widely used in sectors such as finance, manufacturing, logistics, and telecommunications, which are critical to European economies. Disclosure of internal IP addresses can facilitate reconnaissance activities by threat actors, enabling them to map network architecture and identify valuable targets for further exploitation. This can increase the risk of subsequent attacks such as lateral movement, privilege escalation, or targeted ransomware campaigns. Additionally, organizations handling sensitive or regulated data under GDPR may face compliance risks if such information disclosure leads to broader data breaches. The medium severity rating suggests that while the vulnerability alone may not cause direct operational disruption, it significantly lowers the barrier for attackers to conduct more damaging intrusions. European companies with complex B2B integrations and supply chain dependencies may be particularly vulnerable, as attackers could leverage disclosed network details to compromise partner systems or intercept sensitive transactions.
Mitigation Recommendations
Organizations should first identify if they are running affected versions of IBM Sterling B2B Integrator or IBM Sterling File Gateway. Since no patch links are currently provided, it is critical to monitor IBM security advisories for official patches or updates addressing CVE-2025-36112. In the interim, network segmentation should be enforced to restrict access to the Sterling B2B Integrator servers, limiting exposure to trusted IP ranges only. Implement strict firewall rules and intrusion detection/prevention systems to monitor and block unauthorized access attempts. Employ network-level encryption and VPNs for all B2B communications to reduce the risk of interception. Regularly audit and review server configurations to ensure sensitive information is not unnecessarily exposed via management interfaces or error messages. Additionally, conduct penetration testing and vulnerability assessments focused on information disclosure vectors. Finally, enhance monitoring for unusual reconnaissance activity that could indicate exploitation attempts leveraging disclosed IP information.
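For the first step above, checking deployed versions, the following is an added example and not code from IBM or from the original page. It compares inventory entries against the affected ranges listed on this page; the host names and versions in the sample inventory are constructed, and the assumption that versions are recorded as four dotted numbers is the example's own.

```python
# Affected ranges exactly as listed on this page (bounds are inclusive).
AFFECTED_RANGES = [
    ((6, 0, 0, 0), (6, 1, 2, 7)),
    ((6, 2, 0, 0), (6, 2, 0, 5)),
    ((6, 2, 1, 1), (6, 2, 1, 1)),
]


def parse_version(text):
    """Parse 'a.b.c.d' into a 4-tuple of ints.

    Assumption: inventory versions use four numeric components. Anything else
    raises ValueError so imprecise data is surfaced for manual review rather
    than silently treated as unaffected.
    """
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in parts)


def is_affected(version_text):
    """True if the version falls inside any range listed for CVE-2025-36112."""
    version = parse_version(version_text)
    return any(low <= version <= high for low, high in AFFECTED_RANGES)


def triage(inventory):
    """Sort hosts into affected / not_listed / unparsed buckets."""
    result = {"affected": [], "not_listed": [], "unparsed": []}
    for host, version in inventory.items():
        try:
            bucket = "affected" if is_affected(version) else "not_listed"
        except ValueError:
            bucket = "unparsed"
        result[bucket].append(host)
    return result


# Constructed inventory: host names and versions are illustrative only.
SAMPLE_INVENTORY = {
    "b2bi-prod-01": "6.1.2.7",
    "b2bi-prod-02": "6.2.0.6",
    "sfg-dmz-01": "6.2.1.1",
    "sfg-dmz-02": "6.2.1.0",
    "b2bi-test-01": "6.2",
}

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(sorted(hosts)) or '-'}")
```

The `not_listed` bucket means only that the version is outside the ranges given on this page; confirm against the IBM advisory before treating a host as unaffected.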
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Belgium, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: ibm
- Date Reserved: 2025-04-15T21:16:17.123Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 6924acb465c0297328b2f7b0
Added to database: 11/24/2025, 7:06:28 PM
Last enriched: 11/24/2025, 7:21:36 PM
Last updated: 11/24/2025, 11:22:56 PM