6.5

CVE-2025-33119

Medienbericht

EPSS 0.04%
Veröffentlicht 12.11.2025 21:19:55
Zuletzt bearbeitet 15.12.2025 18:27:38
Quelle psirt@us.ibm.com
CVE-Watchlists
Login
Unerledigt
Login

IBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source control which can be read by an authenticated user.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ Qradar Security Information And Event Manager Version7.5.0 Update-

Ibm ≫ Qradar Security Information And Event Manager Version7.5.0 Updateupdate_pack_1

Ibm ≫ Qradar Security Information And Event Manager Version7.5.0 Updateupdate_pack_10

Ibm ≫ Qradar Security Information And Event Manager Version7.5.0 Updateupdate_pack_11

Ibm ≫ Qradar Security Information And Event Manager Version7.5.0 Updateupdate_pack_12

Ibm ≫ Qradar Security Information And Event Manager Version7.5.0 Updateupdate_pack_13

Ibm ≫ Qradar Security Information And Event Manager Version7.5.0 Updateupdate_pack_13_interim_fix_01

Ibm ≫ Qradar Security Information And Event Manager Version7.5.0 Updateupdate_pack_13_interim_fix_02

Ibm ≫ Qradar Security Information And Event Manager Version7.5.0 Updateupdate_pack_14

Ibm ≫ Qradar Security Information And Event Manager Version7.5.0 Updateupdate_pack_2

Ibm ≫ Qradar Security Information And Event Manager Version7.5.0 Updateupdate_pack_3

Ibm ≫ Qradar Security Information And Event Manager Version7.5.0 Updateupdate_pack_4

Ibm ≫ Qradar Security Information And Event Manager Version7.5.0 Updateupdate_pack_5

Ibm ≫ Qradar Security Information And Event Manager Version7.5.0 Updateupdate_pack_6

Ibm ≫ Qradar Security Information And Event Manager Version7.5.0 Updateupdate_pack_7

Ibm ≫ Qradar Security Information And Event Manager Version7.5.0 Updateupdate_pack_8

Ibm ≫ Qradar Security Information And Event Manager Version7.5.0 Updateupdate_pack_9

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.119

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
psirt@us.ibm.com	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-260 Password in Configuration File

The product stores a password in a configuration file that might be accessible to actors who do not know the password.

https://www.heise.de/news/Sicherheitsluecken-gefaehrden-IBM-AIX-und-QRadar-SIEM-11078362.html

Medienbericht

heise Security

14.11.2025 09:50

https://www.ibm.com/support/pages/node/7250932

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-33119

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-33119

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-33119

EUVD