CVE-2025-33079 | THREATINT

Description

IBM Controller 11.0.0, 11.0.1, and 11.1.0 application could allow an authenticated user to obtain sensitive credentials that may be inadvertently included within the source code.

PUBLISHED Reserved 2025-04-15 | Published 2025-05-27 | Updated 2025-08-26 | Assigner ibm

MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-256 Plaintext Storage of a Password

Product status

Default status

unaffected

11.1.0

affected

Default status

unaffected

11.0.0, 11.0.1

affected

References

www.ibm.com/support/pages/node/7234720 vendor-advisory patch

cve.org (CVE-2025-33079)

nvd.nist.gov (CVE-2025-33079)

Download JSON