{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-1334","assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","state":"PUBLISHED","assignerShortName":"ibm","dateReserved":"2025-02-15T14:16:41.665Z","datePublished":"2025-06-03T15:18:40.596Z","dateUpdated":"2025-08-24T11:59:40.522Z"},"containers":{"cna":{"affected":[{"cpes":["cpe:2.3:a:ibm:qradar_suite:1.10.12.0:*:*:*:*:*:*:*","cpe:2.3:a:ibm:qradar_suite:1.11.2.0:*:*:*:*:*:*:*"],"defaultStatus":"unaffected","product":"QRadar Suite Software","vendor":"IBM","versions":[{"lessThanOrEqual":"1.11.2.0","status":"affected","version":"1.10.12.0","versionType":"semver"}]},{"cpes":["cpe:2.3:a:ibm:cloud_pak_for_security:1.10.0.0:*:*:*:*:*:*:*","cpe:2.3:a:ibm:cloud_pak_for_security:1.10.11.0:*:*:*:*:*:*:*"],"defaultStatus":"unaffected","product":"Cloud Pak for Security","vendor":"IBM","versions":[{"lessThanOrEqual":"1.10.11.0","status":"affected","version":"1.10.0.0","versionType":"semver"}]}],"credits":[{"lang":"en","type":"finder","value":"John Zuccato, Rodney Ryan, Chris Shepherd, Vince Dragnea, Ben Goodspeed, Dawid Bak"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 allows web pages to be stored locally which can be read by another user on the system."}],"value":"IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 allows web pages to be stored locally which can be read by another user on the system."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":4,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-525","description":"CWE-525 Information Exposure Through Browser Caching","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm","dateUpdated":"2025-08-24T11:59:40.522Z"},"references":[{"tags":["vendor-advisory","patch"],"url":"https://www.ibm.com/support/pages/node/7235432"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"IBM strongly encourages customers to update their systems promptly.<br><br>Please upgrade to at least version 1.11.3.0 according to the following instructions:<br><br><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=installing\">https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=installing</a><br><br><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=upgrading\">https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=upgrading</a><br>"}],"value":"IBM strongly encourages customers to update their systems promptly.\n\nPlease upgrade to at least version 1.11.3.0 according to the following instructions:\n\n https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=installing \n\n https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=upgrading"}],"source":{"discovery":"UNKNOWN"},"title":"IBM QRadar Suite Software and IBM Cloud Pak for Security information disclosure","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-06-03T15:30:48.789875Z","id":"CVE-2025-1334","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-06-03T15:31:00.347Z"}}]}}