Home

Description

IBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source control which can be read by an authenticated user.

PUBLISHED Reserved 2025-04-15 | Published 2025-11-12 | Updated 2025-11-13 | Assigner ibm




MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-260 Password in Configuration File

Product status

7.5 (semver)
affected

Credits

Acknowledgement John Zuccato, Rodney Ryan, Chris Shepherd, Vince Dragnea, Ben Goodspeed, and Dawid Bak from the IBM Security Ethical Hacking Team. finder

References

www.ibm.com/support/pages/node/7250932 vendor-advisory patch

cve.org (CVE-2025-33119)

nvd.nist.gov (CVE-2025-33119)

Download JSON