PT-2025-23629 · Ibm · Ibm Qradar Suite+1
Ben Goodspeed
+5
·
Published
2025-06-03
·
Updated
2025-08-12
·
CVE-2025-25021
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
IBM QRadar Suite Software versions 1.10.12.0 through 1.11.2.0
IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0
Description
The issue is related to the improper generation of code in case management script creation, which could allow a privileged user to execute code.
Recommendations
For IBM QRadar Suite Software versions 1.10.12.0 through 1.11.2.0, update to a version outside of this range to resolve the issue.
For IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0, update to a version outside of this range to resolve the issue.
As a temporary workaround, consider restricting access to case management script creation to minimize the risk of exploitation.
Fix
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Cloud Pak For Security
Ibm Qradar Suite