CVE-2025-1334 — Use of Web Browser Cache Containing Sensitive Information in IBM Cloud PAK FOR Security

CWE-525 — Use of Web Browser Cache Containing Sensitive Information CWE-833 — Deadlock6 documents6 sources

Severity

4.0MEDIUMNVD

EPSS

0.1%

top 77.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Cloud PAK FOR Security IBM Qradar Suite Software IBM Qradar Suite

Timeline

PublishedJun 3

Latest updateDec 16

Description

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 allows web pages to be stored locally which can be read by another user on the system.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 2.5 | Impact: 1.4

Affected Packages4 packages

▶CVEListV5ibm/qradar_suite_software1.10.12.0 — 1.11.2.0

▶NVDibm/qradar_suite1.10.12.0 — 1.11.2.0

▶CVEListV5ibm/cloud_pak_for_security1.10.0.0 — 1.10.11.0

▶NVDibm/cloud_pak1.10.0.0 — 1.10.11.0

🔴Vulnerability Details

OSV

blk-cgroup: fix possible deadlock while configuring policy↗2025-12-16

▶

GHSA

GHSA-ggcg-qqqw-c8ff: IBM QRadar Suite Software 1↗2025-06-03

▶

CVEList

IBM QRadar Suite Software and IBM Cloud Pak for Security information disclosure↗2025-06-03

▶