July 9, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Prometei Malware – Active IOCs
June 4, 2025Bitter APT – Active IOCs
June 4, 2025Prometei Malware – Active IOCs
June 4, 2025Bitter APT – Active IOCs
June 4, 2025
Severity
Medium
Analysis Summary
CVE-2025-25022 CVSS:9.6
IBM QRadar SIEM could allow an unauthenticated user in the environment to obtain highly sensitive information in configuration files.
CVE-2025-25021 CVSS:7.2
IBM QRadar SIEM could allow a privileged execute code in case management script creation due to the improper generation of code.
CVE-2025-1334 CVSS:4
IBM QRadar Suite allows web pages to be stored locally which can be read by another user on the system.
CVE-2025-25020 CVSS:6.5
IBM QRadar SIEM could allow an authenticated user to cause a denial of service due to improperly validating API data input.
CVE-2025-25019 CVSS:4.8
IBM QRadar SIEM does not invalidate session after a logout which could allow a user to impersonate another user on the system.
Impact
- Denial of Service
- Gain Access
- Code Execution
- Information Disclosure
Indicators of Compromise
CVE
CVE-2025-25022
CVE-2025-25021
CVE-2025-1334
CVE-2025-25020
CVE-2025-25019
Affected Vendors
- IBM
Affected Products
- IBM QRadar Suite Software 1.10.12.0 - 1.11.2.0
- IBM Cloud Pak for Security 1.10.0.0 - 1.10.11.0
Remediation
Refer to IBM Security Advisory for patch, upgrade, or suggested workaround information.