CVE-2025-25022

CVSS v3.1

9.6

Critical

Vector

AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions IBM QRadar Suite Software versions 1.10.12.0 through 1.11.2.0 IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0

Description The issue allows an unauthenticated user in the environment to obtain highly sensitive information in configuration files. This could expose sensitive data to unauthenticated users.

Recommendations For IBM QRadar Suite Software versions 1.10.12.0 through 1.11.2.0, update to version 1.11.3.0 to secure your environment. For IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0, update to version 1.10.12.1 to secure your environment.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-260

Related Identifiers

BDU:2025-06467

CVE-2025-25022

Affected Products

Ibm Cloud Pak For Security

Ibm Qradar Suite

CVE-2025-25022

Weakness Enumeration

Related Identifiers

Affected Products

References · 6