CVE-2025-25019

IBM QRadar Suite Software and IBM Cloud Pak for Security session fixation

CVSS 4.8 MEDIUMEPSS 0.2%CWE-613

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not invalidate session after a logout which could allow a user to impersonate another user on the system.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Productos afectados

IBM · Cloud Pak for Security IBM · QRadar Suite Software

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.ibm.com/support/pages/node/7235432