Severity
Medium
Analysis Summary
CVE-2025-25022 CVSS:9.6
IBM QRadar SIEM could allow an unauthenticated user in the environment to obtain highly sensitive information in configuration files.
CVE-2025-25021 CVSS:7.2
IBM QRadar SIEM could allow a privileged user to execute code in case management script creation due to the improper generation of code.
CVE-2025-1334 CVSS:4
IBM QRadar Suite allows web pages to be stored locally, where they can be read by another user on the system.
CVE-2025-25020 CVSS:6.5
IBM QRadar SIEM could allow an authenticated user to cause a denial of service due to improperly validating API data input.
CVE-2025-25019 CVSS:4.8
IBM QRadar SIEM does not invalidate the session after a logout, which could allow a user to impersonate another user on the system.
Impact
- Denial of Service
- Gain Access
- Code Execution
- Information Disclosure
Indicators of Compromise
CVE
CVE-2025-25022
CVE-2025-25021
CVE-2025-1334
CVE-2025-25020
CVE-2025-25019
Affected Vendors
- IBM
Affected Products
- IBM QRadar Suite Software 1.10.12.0 - 1.11.2.0
- IBM Cloud Pak for Security 1.10.0.0 - 1.10.11.0
Remediation
Refer to IBM Security Advisory for patch, upgrade, or suggested workaround information.