CVE-2025-36222
8.7
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
Summary
IBM Fusion 2.2.0 through 2.10.1, IBM Fusion HCI 2.2.0 through 2.10.0, and IBM Fusion HCI for watsonx 2.8.2 through 2.10.0 uses insecure default configurations that could expose AMQStreams without client authentication that could allow an attacker to perform unauthorized actions.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | Fusion | 2.2.0 <= 2.10.1 | affected |
| IBM | Fusion HCI | 2.2.0 <= 2.10.0 | affected |
| IBM | Fusion HCI for watsonx | 2.8.2 <= 2.10.0 | affected |
Weaknesses
- CWE-1188: CWE-1188 Insecure Default Initialization of Resource
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.