{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-13718", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2025-11-25T22:03:39.987Z", "datePublished": "2026-03-13T18:33:07.785Z", "dateUpdated": "2026-03-13T19:35:14.971Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-03-13T18:33:07.785Z"}, "title": "IBM Sterling Partner Engagement Manager Information Disclosure", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-319", "description": "CWE-319 Cleartext Transmission of Sensitive Information", "type": "CWE"}]}], "affected": [{"vendor": "IBM", "product": "Sterling Partner Engagement Manager", "versions": [{"status": "affected", "version": "6.2.3.0", "lessThanOrEqual": "6.2.3.5", "versionType": "semver"}, {"status": "affected", "version": "6.2.4.0", "lessThanOrEqual": "6.2.4.2", "versionType": "semver"}], "cpes": ["cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.3.0:*:*:*:standard:*:*:*", "cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.3.5:*:*:*:standard:*:*:*", "cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.4.0:*:*:*:standard:*:*:*", "cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.4.2:*:*:*:standard:*:*:*", "cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.3.0:*:*:*:essentials:*:*:*", "cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.3.5:*:*:*:essentials:*:*:*", "cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.4.0:*:*:*:essentials:*:*:*", "cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.4.2:*:*:*:essentials:*:*:*"]}], "descriptions": [{"lang": "en", "value": "IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors.</p>"}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7263391", "tags": ["vendor-advisory", "patch"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseSeverity": "LOW", "baseScore": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}}], "solutions": [{"lang": "en", "value": "Remediation/Fixes IBM strongly recommends addressing the vulnerability now by upgrading, Product(s) Affected Version Range Remediated Version Instructions / Download IBM Sterling Partner Engagement Manager Essentials Edition 6.2.3.0 \u2013 6.2.3.5 6.2.3.6 Download 6.2.3.6 IBM Sterling Partner Engagement Manager Essentials Edition 6.2.4.0 \u2013 6.2.4.2 6.2.4.3 Download 6.2.4.3 IBM Sterling Partner Engagement Manager Standard Edition 6.2.3.0 \u2013 6.2.3.5 6.2.3.6 Download 6.2.3.6 IBM Sterling Partner Engagement Manager Standard Edition 6.2.4.0 \u2013 6.2.4.2 6.2.4.3 Download 6.2.4.3", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>Remediation/Fixes IBM strongly recommends addressing the vulnerability now by upgrading, Product(s) Affected Version Range Remediated Version Instructions / Download IBM Sterling Partner Engagement Manager Essentials Edition 6.2.3.0 \u2013 6.2.3.5 6.2.3.6 Download 6.2.3.6 IBM Sterling Partner Engagement Manager Essentials Edition 6.2.4.0 \u2013 6.2.4.2 6.2.4.3 Download 6.2.4.3 IBM Sterling Partner Engagement Manager Standard Edition 6.2.3.0 \u2013 6.2.3.5 6.2.3.6 Download 6.2.3.6 IBM Sterling Partner Engagement Manager Standard Edition 6.2.4.0 \u2013 6.2.4.2 6.2.4.3 Download 6.2.4.3</p>"}]}], "x_generator": {"engine": "ibm-cvegen"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-13T19:35:02.981039Z", "id": "CVE-2025-13718", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-13T19:35:14.971Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-13718", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-13T19:35:02.981039Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-13T19:35:07.955Z"}}], "cna": {"title": "IBM Sterling Partner Engagement Manager Information Disclosure", "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.3.0:*:*:*:standard:*:*:*", "cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.3.5:*:*:*:standard:*:*:*", "cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.4.0:*:*:*:standard:*:*:*", "cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.4.2:*:*:*:standard:*:*:*", "cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.3.0:*:*:*:essentials:*:*:*", "cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.3.5:*:*:*:essentials:*:*:*", "cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.4.0:*:*:*:essentials:*:*:*", "cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.4.2:*:*:*:essentials:*:*:*"], "vendor": "IBM", "product": "Sterling Partner Engagement Manager", "versions": [{"status": "affected", "version": "6.2.3.0", "versionType": "semver", "lessThanOrEqual": "6.2.3.5"}, {"status": "affected", "version": "6.2.4.0", "versionType": "semver", "lessThanOrEqual": "6.2.4.2"}]}], "solutions": [{"lang": "en", "value": "Remediation/Fixes IBM strongly recommends addressing the vulnerability now by upgrading, Product(s) Affected Version Range Remediated Version Instructions / Download IBM Sterling Partner Engagement Manager Essentials Edition 6.2.3.0 \u2013 6.2.3.5 6.2.3.6 Download 6.2.3.6 IBM Sterling Partner Engagement Manager Essentials Edition 6.2.4.0 \u2013 6.2.4.2 6.2.4.3 Download 6.2.4.3 IBM Sterling Partner Engagement Manager Standard Edition 6.2.3.0 \u2013 6.2.3.5 6.2.3.6 Download 6.2.3.6 IBM Sterling Partner Engagement Manager Standard Edition 6.2.4.0 \u2013 6.2.4.2 6.2.4.3 Download 6.2.4.3", "supportingMedia": [{"type": "text/html", "value": "<p>Remediation/Fixes IBM strongly recommends addressing the vulnerability now by upgrading, Product(s) Affected Version Range Remediated Version Instructions / Download IBM Sterling Partner Engagement Manager Essentials Edition 6.2.3.0 \u2013 6.2.3.5 6.2.3.6 Download 6.2.3.6 IBM Sterling Partner Engagement Manager Essentials Edition 6.2.4.0 \u2013 6.2.4.2 6.2.4.3 Download 6.2.4.3 IBM Sterling Partner Engagement Manager Standard Edition 6.2.3.0 \u2013 6.2.3.5 6.2.3.6 Download 6.2.3.6 IBM Sterling Partner Engagement Manager Standard Edition 6.2.4.0 \u2013 6.2.4.2 6.2.4.3 Download 6.2.4.3</p>", "base64": false}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7263391", "tags": ["vendor-advisory", "patch"]}], "x_generator": {"engine": "ibm-cvegen"}, "descriptions": [{"lang": "en", "value": "IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors.", "supportingMedia": [{"type": "text/html", "value": "<p>IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-319", "description": "CWE-319 Cleartext Transmission of Sensitive Information"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-03-13T18:33:07.785Z"}}}, "cveMetadata": {"cveId": "CVE-2025-13718", "state": "PUBLISHED", "dateUpdated": "2026-03-13T19:35:14.971Z", "dateReserved": "2025-11-25T22:03:39.987Z", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "datePublished": "2026-03-13T18:33:07.785Z", "assignerShortName": "ibm"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors."}], "id": "CVE-2025-13718", "lastModified": "2026-03-13T19:53:48.473", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "psirt@us.ibm.com", "type": "Primary"}]}, "published": "2026-03-13T19:53:48.473", "references": [{"source": "psirt@us.ibm.com", "url": "https://www.ibm.com/support/pages/node/7263391"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-319"}], "source": "psirt@us.ibm.com", "type": "Primary"}]}

{}