CVE-2025-25019
published 2025-06-03CVE-2025-25019: IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not invalidate session after a logout which…
medium6.5CVSS 3.1
AVNACLPRNUINSUCLILAN
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not invalidate session after a logout which could allow a user to impersonate another user on the system.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | cloud_pak_for_security | 1.10.0.0 – 1.10.11.0 | — |
| ibm | qradar_suite | 1.10.12.0 – 1.11.2.0 | — |
| ibm | qradar_suite_software | 1.10.12.0 – 1.11.2.0 | — |