PT-2025-23628 · Ibm · Ibm Cloud Pak For Security+1

Ben Goodspeed

Publicado

2025-06-03

Atualizado

2025-08-12

CVE-2025-25019

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions IBM QRadar Suite Software versions 1.10.12.0 through 1.11.2.0 IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0

Description The issue arises because the software does not invalidate a session after a user logs out, potentially allowing a user to impersonate another user on the system.

Recommendations For IBM QRadar Suite Software versions 1.10.12.0 through 1.11.2.0, update to a version that properly invalidates sessions after logout. For IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0, update to a version that properly invalidates sessions after logout.

Correção

Insufficient Session Expiration

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-613

Identificadores relacionados

BDU:2025-06509

CVE-2025-25019

Produtos afetados

Ibm Cloud Pak For Security

Ibm Qradar Suite

PT-2025-23628 · Ibm · Ibm Cloud Pak For Security+1

CVE-2025-25019

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6