CVE-2025-33093

Severity

7.5HIGH

EPSS

0.2%

top 54.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedMay 7

Description

IBM Sterling Partner Engagement Manager 6.1.0, 6.2.0, 6.2.2 JWT secret is stored in public Helm Charts and is not stored as a Kubernetes secret.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

CVEList

IBM Sterling Partner Engagement Manager information disclosure↗2025-05-07

▶

GHSA

GHSA-4vv5-fg3j-73p8: IBM Sterling Partner Engagement Manager 6↗2025-05-07

▶