Severity
Medium
Analysis Summary
CVE-2025-25029 CVSS:4.9
IBM Security Guardium could allow a privileged user to download any file on the system due to improper escaping of input.
CVE-2025-25025 CVSS:4.3
IBM Security Guardium could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.
CVE-2025-25026 CVSS:4.3
IBM Security Guardium could allow an authenticated user to obtain sensitive information due to an incorrect authentication check.
Impact
- Information Disclosure
Indicators of Compromise
CVE
CVE-2025-25029
CVE-2025-25025
CVE-2025-25026
Affected Vendors
- IBM
Affected Products
- IBM Security Guardium - 12.0
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.