Vulnerabilities > CVE-2025-25022

CVSS 9.6 - CRITICAL

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

CWE-260

critical

NVD

Published: 2025-06-03

Updated: 2025-06-03

Summary

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow an unauthenticated user in the environment to obtain highly sensitive information in configuration files.

Common Weakness Enumeration (CWE)

CWE-260 - Password in Configuration File

References

https://www.ibm.com/support/pages/node/7235432

Vulnerabilities > CVE-2025-25022 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2025-25022"}]}

Summary

Common Weakness Enumeration (CWE)

References

Vulnerabilities > CVE-2025-25022