Vulnerability Details CVE-2025-25019
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not invalidate session after a logout which could allow a user to impersonate another user on the system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.2%
CVSS Severity
CVSS v3 Score 4.8
Products affected by CVE-2025-25019
-
cpe:2.3:a:ibm:cloud_pak_for_security:1.10.0.0
-
cpe:2.3:a:ibm:cloud_pak_for_security:1.10.11.0
-
cpe:2.3:a:ibm:cloud_pak_for_security:1.10.2.0
-
cpe:2.3:a:ibm:cloud_pak_for_security:1.10.6.0
-
cpe:2.3:a:ibm:cloud_pak_for_security:1.10.7.0
-
cpe:2.3:a:ibm:qradar_suite:1.10.12.0
-
cpe:2.3:a:ibm:qradar_suite:1.10.13.0
-
cpe:2.3:a:ibm:qradar_suite:1.10.14.0
-
cpe:2.3:a:ibm:qradar_suite:1.10.15.0
-
cpe:2.3:a:ibm:qradar_suite:1.10.16.0
-
cpe:2.3:a:ibm:qradar_suite:1.10.17.0
-
cpe:2.3:a:ibm:qradar_suite:1.10.18.0
-
cpe:2.3:a:ibm:qradar_suite:1.10.19.0
-
cpe:2.3:a:ibm:qradar_suite:1.10.20.0
-
cpe:2.3:a:ibm:qradar_suite:1.10.21.0
-
cpe:2.3:a:ibm:qradar_suite:1.10.22.0
-
cpe:2.3:a:ibm:qradar_suite:1.10.23.0
-
cpe:2.3:a:ibm:qradar_suite:1.10.24.0
-
cpe:2.3:a:ibm:qradar_suite:1.10.25.0