Ibm · Ibm Fusion · CVE-2025-36222
Name of the Vulnerable Software and Affected Versions:
IBM Fusion versions 2.2.0 through 2.10.1
IBM Fusion HCI versions 2.2.0 through 2.10.0
IBM Fusion HCI for watsonx versions 2.8.2 through 2.10.0
Description:
IBM Fusion, IBM Fusion HCI, and IBM Fusion HCI for watsonx utilize insecure default configurations. This configuration exposes AMQStreams without client authentication, potentially enabling an attacker to perform unauthorized actions.
Recommendations:
IBM Fusion versions prior to 2.10.2 should be updated.
IBM Fusion HCI versions prior to 2.10.1 should be updated.
IBM Fusion HCI for watsonx versions prior to 2.10.1 should be updated.