CVE-2025-25022

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.ibm.com/support/pages/node/7235432", "name": "https://www.ibm.com/support/pages/node/7235432", "tags": ["Vendor Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow an unauthenticated user in the environment to obtain highly sensitive information in configuration files."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-260"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-25022", "ASSIGNER": "psirt@us.ibm.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}}, "publishedDate": "2025-06-03T16:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:ibm:cloud_pak_for_security:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.10.11.0", "versionStartIncluding": "1.10.0.0"}, {"cpe23Uri": "cpe:2.3:a:ibm:qradar_suite:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.11.2.0", "versionStartIncluding": "1.10.12.0"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-08-12T20:00Z"}