CVE-2025-64650

CWE-532Log File Information Exposure3 documents3 sources
Severity
6.5MEDIUM
EPSS
0.1%
top 83.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Storage Defender - Resiliency ServiceIBM Storage Defender Resiliency Service
Timeline
PublishedDec 8
Latest updateDec 9

Description

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5ibm/storage_defender_-_resiliency_service2.0.02.0.18

🔴Vulnerability Details

2
GHSA
GHSA-53pc-prxg-7xp2: IBM Storage Defender - Resiliency Service 22025-12-09
CVEList
IBM Storage Defender - Resiliency Service Information Disclosure2025-12-08
CVE-2025-64650 (MEDIUM CVSS 6.5) | IBM Storage Defender - Resiliency S | cvebase.io