CRITICAL🇵🇱 Wersja polska

CVE-2025-25022

CVSS 9.6v3.1pub. 2025-06-03upd. 2025-08-12

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow an unauthenticated user in the environment to obtain highly sensitive information in configuration files.

CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • IBM Cloud Pak For Security

    APP
    Ibm
    1.10.0.0 – 1.10.11.0
  • IBM Qradar Suite

    APP
    Ibm
    1.10.12.0 – 1.11.2.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2021-20578CRITICAL9.8ten sam produkt

IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 could allow an attacker to perform un...

CVE-2021-20538CRITICAL9.1ten sam produkt

IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 could allow a user to obtain sensitive information or pe...

CVE-2020-4627CRITICAL9.0ten sam produkt

IBM Cloud Pak for Security 1.3.0.1(CP4S) potentially vulnerable to CVS Injection. A remote attacker could exec...

CVE-2025-25021HIGH7.2ten sam produkt

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0...

CVE-2023-47726HIGH7.1ten sam produkt

IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0 through 1.10.21...