← back
CVE-2025-25021

IBM QRadar Suite Software and IBM Cloud Pak for Security code injection

CVSS 7.2 HIGHEPSS 0.5%CWE-94
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.2EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
03 Jun 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow a privileged execute code in case management script creation due to the improper generation of code.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H