CVE-2025-36050
BaseFortify
Publication date: 2025-06-19
Last updated on: 2025-07-25
Assigner: IBM Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ibm | qradar_security_information_and_event_manager | 7.5.0 |
| ibm | qradar_security_information_and_event_manager | 7.5.0 |
| ibm | qradar_security_information_and_event_manager | 7.5.0 |
| ibm | qradar_security_information_and_event_manager | 7.5.0 |
| ibm | qradar_security_information_and_event_manager | 7.5.0 |
| ibm | qradar_security_information_and_event_manager | 7.5.0 |
| ibm | qradar_security_information_and_event_manager | 7.5.0 |
| ibm | qradar_security_information_and_event_manager | 7.5.0 |
| ibm | qradar_security_information_and_event_manager | 7.5.0 |
| ibm | qradar_security_information_and_event_manager | 7.5.0 |
| ibm | qradar_security_information_and_event_manager | 7.5.0 |
| ibm | qradar_security_information_and_event_manager | 7.5.0 |
| ibm | qradar_security_information_and_event_manager | 7.5.0 |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-532 | The product writes sensitive information to a log file. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-36050 is a vulnerability in IBM QRadar SIEM versions 7.5 through 7.5.0 Update Package 12 where local users can read potentially sensitive information stored in log files. This occurs because sensitive data is stored in logs without adequate protection, allowing unauthorized local access to that information. [1]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing local users to access sensitive information stored in log files that they should not be able to read. This could lead to exposure of confidential data, potentially aiding further attacks or unauthorized activities within your environment. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to promptly apply the official update QRadar 7.5.0 UP12 IF02, as no other workarounds or mitigations are provided. [1]