CVE-2025-25022

Summary

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow an unauthenticated user in the environment to obtain highly sensitive information in configuration files.

Affected Software

VendorProductVersion RangeStatus
IBMQRadar Suite Software1.10.12.0 <= 1.11.2.0affected
IBMCloud Pak for Security1.10.0.0 <= 1.10.11.0affected

Weaknesses

  • CWE-260: CWE-260 Password in Configuration File

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References