CVE-2025-33020
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-07-23

Last updated on: 2025-08-11

Assigner: IBM Corporation

Description
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 transmits sensitive information without encryption that could allow an attacker to obtain highly sensitive information.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-23
Last Modified
2025-08-11
Generated
2026-05-07
AI Q&A
2025-07-23
EPSS Evaluated
2026-05-05
NVD
CVE-2025-33020
EUVD
EUVD-2025-22451
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
ibm engineering_systems_design_rhapsody 9.0.2
ibm engineering_systems_design_rhapsody 10.0
ibm engineering_systems_design_rhapsody 10.0.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-311 The product does not encrypt sensitive or critical information before storage or transmission.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in IBM Engineering Systems Design Rhapsody versions 9.0.2, 10.0, and 10.0.1, where the software transmits sensitive information without encryption. This lack of encryption could allow an attacker to intercept and obtain highly sensitive information during transmission.


How can this vulnerability impact me? :

The vulnerability can impact you by exposing highly sensitive information to attackers who intercept the unencrypted transmissions. This could lead to unauthorized access to confidential data, potentially causing data breaches or information leaks.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart