Home

Description

IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to privilege escalation due to improper privilege assignment to an update script.

PUBLISHED Reserved 2025-04-15 | Published 2025-10-27 | Updated 2025-10-28 | Assigner ibm




HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-266 Incorrect Privilege Assignment

Product status

Default status
unaffected

7.5.0 (semver)
affected

Credits

John Zuccato, Rodney Ryan, Chris Shepherd, Vince Dragnea, Ben Goodspeed,Dawid Bak finder

References

www.ibm.com/support/pages/node/7249277 vendor-advisory patch

cve.org (CVE-2025-36007)

nvd.nist.gov (CVE-2025-36007)

Download JSON