4.9
CVE-2025-25023
- EPSS 0.03%
- Published 09.04.2025 14:15:28
- Last modified 20.06.2025 16:59:29
- Source psirt@us.ibm.com
- Teams watchlist Login
- Open Login
IBM Security Guardium 11.4 and 12.1 could allow a privileged user to read any file on the system due to incorrect privilege assignment.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Data is provided by the National Vulnerability Database (NVD)
Ibm ≫ Security Guardium Version >= 11.4 <= 12.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.068 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| psirt@us.ibm.com | 4.9 | 1.2 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
|
CWE-266 Incorrect Privilege Assignment
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.