Search
Find a vulnerability
Search criteria
2 vulnerabilities found for QRadar Security Information and Event Management by IBM
CVE-2025-33119 (GCVE-0-2025-33119)
Vulnerability from nvd – Published: 2025-11-12 21:19 – Updated: 2025-11-13 15:03
VLAI
Title
IBM QRadar SIEM Information Disclosure
Summary
IBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source control which can be read by an authenticated user.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-260 - Password in Configuration File
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7250932 | vendor-advisorypatch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | QRadar Security Information and Event Management |
Affected:
7.5 , ≤ 7.5.0 UP14
(semver)
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_14:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-33119",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T15:03:09.997337Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T15:03:22.671Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:*",
"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_14:*:*:*:*:*:*"
],
"product": "QRadar Security Information and Event Management",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "7.5.0 UP14",
"status": "affected",
"version": "7.5",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Acknowledgement John Zuccato, Rodney Ryan, Chris Shepherd, Vince Dragnea, Ben Goodspeed, and Dawid Bak from the IBM Security Ethical Hacking Team."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source control which can be read by an authenticated user.\u003c/p\u003e"
}
],
"value": "IBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source control which can be read by an authenticated user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-260",
"description": "CWE-260 Password in Configuration File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T21:22:06.391Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7250932"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eRemediation/Fixes IBM encourages customers to update their systems promptly. Product Version Fix IBM QRadar SIEM 7.5.0 QRadar 7.5.0 UP14 IF01\u003c/p\u003e"
}
],
"value": "Remediation/Fixes IBM encourages customers to update their systems promptly. Product Version Fix IBM QRadar SIEM 7.5.0 QRadar 7.5.0 UP14 IF01"
}
],
"title": "IBM QRadar SIEM Information Disclosure",
"x_generator": {
"engine": "ibm-cvegen"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-33119",
"datePublished": "2025-11-12T21:19:55.966Z",
"dateReserved": "2025-04-15T17:50:56.613Z",
"dateUpdated": "2025-11-13T15:03:22.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-33119 (GCVE-0-2025-33119)
Vulnerability from cvelistv5 – Published: 2025-11-12 21:19 – Updated: 2025-11-13 15:03
VLAI
Title
IBM QRadar SIEM Information Disclosure
Summary
IBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source control which can be read by an authenticated user.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-260 - Password in Configuration File
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7250932 | vendor-advisorypatch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | QRadar Security Information and Event Management |
Affected:
7.5 , ≤ 7.5.0 UP14
(semver)
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_14:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-33119",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T15:03:09.997337Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T15:03:22.671Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:*",
"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_14:*:*:*:*:*:*"
],
"product": "QRadar Security Information and Event Management",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "7.5.0 UP14",
"status": "affected",
"version": "7.5",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Acknowledgement John Zuccato, Rodney Ryan, Chris Shepherd, Vince Dragnea, Ben Goodspeed, and Dawid Bak from the IBM Security Ethical Hacking Team."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source control which can be read by an authenticated user.\u003c/p\u003e"
}
],
"value": "IBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source control which can be read by an authenticated user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-260",
"description": "CWE-260 Password in Configuration File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T21:22:06.391Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7250932"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eRemediation/Fixes IBM encourages customers to update their systems promptly. Product Version Fix IBM QRadar SIEM 7.5.0 QRadar 7.5.0 UP14 IF01\u003c/p\u003e"
}
],
"value": "Remediation/Fixes IBM encourages customers to update their systems promptly. Product Version Fix IBM QRadar SIEM 7.5.0 QRadar 7.5.0 UP14 IF01"
}
],
"title": "IBM QRadar SIEM Information Disclosure",
"x_generator": {
"engine": "ibm-cvegen"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-33119",
"datePublished": "2025-11-12T21:19:55.966Z",
"dateReserved": "2025-04-15T17:50:56.613Z",
"dateUpdated": "2025-11-13T15:03:22.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}