
IBM has released a security advisory addressing multiple vulnerabilities discovered in its QRadar Suite Software and Cloud Pak for Security platforms. The flaws, ranging in severity from medium to critical, expose affected systems to risks including remote code execution, information disclosure, and denial of service (DoS) attacks.
The bulletin highlights five CVEs affecting versions 1.10.0.0 through 1.11.2.0 of IBM Cloud Pak for Security and QRadar Suite Software:
- CVE-2025-25022 (CVSS 9.6 – Critical): The most severe of the group, this vulnerability allows unauthenticated attackers to access highly sensitive information stored in configuration files. This could facilitate broader system compromise or privilege escalation.
- CVE-2025-25021 (CVSS 7.2 – High): This flaw enables privileged users to execute arbitrary code through improper case management script creation. The vulnerability stems from flawed code generation logic, creating a dangerous path for exploitation within administrative operations.
- CVE-2025-25020 (CVSS 6.5 – Medium): A denial of service (DoS) vulnerability that allows authenticated users to crash services by injecting malformed data via the API. The input validation process fails to properly sanitize certain payloads.
- CVE-2025-25019 (CVSS 4.8 – Medium): This session management flaw means QRadar SIEM does not correctly invalidate sessions on logout. It potentially allows session hijacking, where a malicious user can impersonate another.
- CVE-2025-1334 (CVSS 4.0 – Medium): The software permits local caching of web content that can be read by other users on the system, posing a risk in multi-user environments where data confidentiality is expected.
The issues impact the following product versions:
- IBM Cloud Pak for Security: 1.10.0.0 to 1.10.11.0
- QRadar Suite Software: 1.10.12.0 to 1.11.2.0
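For anyone checking an inventory against the two affected ranges, version strings must be compared numerically rather than as text (lexically, "1.9.0.0" sorts after "1.10.0.0"). The following added helper, written for this article and not part of any IBM tooling, encodes the ranges and the fixed version stated in the advisory; the product names and the inventory records are constructed sample input.

```python
"""Check product/version pairs against the affected ranges in the IBM advisory.

The ranges and the fixed version come from the advisory text; the inventory
below is constructed sample data for the example.
"""

# Inclusive affected ranges per product, as listed in the bulletin.
AFFECTED_RANGES = {
    "IBM Cloud Pak for Security": ("1.10.0.0", "1.10.11.0"),
    "QRadar Suite Software": ("1.10.12.0", "1.11.2.0"),
}
FIXED_VERSION = "1.11.3.0"


def parse_version(version: str) -> tuple[int, ...]:
    """Turn a dotted version such as '1.10.12.0' into a comparable integer tuple."""
    return tuple(int(part) for part in version.strip().split("."))


def is_affected(product: str, version: str) -> bool:
    """True when the version falls inside the advisory's range for that product."""
    bounds = AFFECTED_RANGES.get(product)
    if bounds is None:
        return False
    low, high = (parse_version(b) for b in bounds)
    return low <= parse_version(version) <= high


def needs_upgrade(version: str) -> bool:
    """True when the installed version is older than the fixed release."""
    return parse_version(version) < parse_version(FIXED_VERSION)


def assess_inventory(inventory: list[dict]) -> list[dict]:
    """Return the records that are inside an affected range, annotated with the target."""
    findings = []
    for record in inventory:
        if is_affected(record["product"], record["version"]):
            findings.append({**record, "upgrade_to": FIXED_VERSION})
    return findings


if __name__ == "__main__":
    # Constructed sample inventory.
    sample = [
        {"host": "soc-01", "product": "QRadar Suite Software", "version": "1.11.2.0"},
        {"host": "soc-02", "product": "QRadar Suite Software", "version": "1.11.3.0"},
        {"host": "sec-01", "product": "IBM Cloud Pak for Security", "version": "1.10.11.0"},
    ]
    for finding in assess_inventory(sample):
        print(f"{finding['host']}: {finding['product']} {finding['version']} -> upgrade to {finding['upgrade_to']}")
```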
IBM recommends immediate upgrades to version 1.11.3.0 or later, which mitigates all five vulnerabilities. The company has published detailed guidance for upgrading and installing the patched versions: