{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-1334", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2025-02-15T14:16:41.665Z", "datePublished": "2025-06-03T15:18:40.596Z", "dateUpdated": "2025-08-24T11:59:40.522Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:ibm:qradar_suite:1.10.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:qradar_suite:1.11.2.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "product": "QRadar Suite Software", "vendor": "IBM", "versions": [{"lessThanOrEqual": "1.11.2.0", "status": "affected", "version": "1.10.12.0", "versionType": "semver"}]}, {"cpes": ["cpe:2.3:a:ibm:cloud_pak_for_security:1.10.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:cloud_pak_for_security:1.10.11.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "product": "Cloud Pak for Security", "vendor": "IBM", "versions": [{"lessThanOrEqual": "1.10.11.0", "status": "affected", "version": "1.10.0.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "John Zuccato, Rodney Ryan, Chris Shepherd, Vince Dragnea, Ben Goodspeed, Dawid Bak"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 allows web pages to be stored locally which can be read by another user on the system."}], "value": "IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 allows web pages to be stored locally which can be read by another user on the system."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-525", "description": "CWE-525 Information Exposure Through Browser Caching", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2025-08-24T11:59:40.522Z"}, "references": [{"tags": ["vendor-advisory", "patch"], "url": "https://www.ibm.com/support/pages/node/7235432"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "IBM strongly encourages customers to update their systems promptly.<br><br>Please upgrade to at least version 1.11.3.0 according to the following instructions:<br><br><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=installing\">https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=installing</a><br><br><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=upgrading\">https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=upgrading</a><br>"}], "value": "IBM strongly encourages customers to update their systems promptly.\n\nPlease upgrade to at least version 1.11.3.0 according to the following instructions:\n\n https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=installing \n\n https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=upgrading"}], "source": {"discovery": "UNKNOWN"}, "title": "IBM QRadar Suite Software and IBM Cloud Pak for Security information disclosure", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-03T15:30:48.789875Z", "id": "CVE-2025-1334", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-03T15:31:00.347Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-1334", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-06-03T15:30:48.789875Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-03T15:30:51.478Z"}}], "cna": {"title": "IBM QRadar Suite Software and IBM Cloud Pak for Security information disclosure", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "John Zuccato, Rodney Ryan, Chris Shepherd, Vince Dragnea, Ben Goodspeed, Dawid Bak"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:ibm:qradar_suite:1.10.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:qradar_suite:1.11.2.0:*:*:*:*:*:*:*"], "vendor": "IBM", "product": "QRadar Suite Software", "versions": [{"status": "affected", "version": "1.10.12.0", "versionType": "semver", "lessThanOrEqual": "1.11.2.0"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:ibm:cloud_pak_for_security:1.10.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:cloud_pak_for_security:1.10.11.0:*:*:*:*:*:*:*"], "vendor": "IBM", "product": "Cloud Pak for Security", "versions": [{"status": "affected", "version": "1.10.0.0", "versionType": "semver", "lessThanOrEqual": "1.10.11.0"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "IBM strongly encourages customers to update their systems promptly.\n\nPlease upgrade to at least version 1.11.3.0 according to the following instructions:\n\n https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=installing \n\n https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=upgrading", "supportingMedia": [{"type": "text/html", "value": "IBM strongly encourages customers to update their systems promptly.<br><br>Please upgrade to at least version 1.11.3.0 according to the following instructions:<br><br><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=installing\">https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=installing</a><br><br><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=upgrading\">https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=upgrading</a><br>", "base64": false}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7235432", "tags": ["vendor-advisory", "patch"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 allows web pages to be stored locally which can be read by another user on the system.", "supportingMedia": [{"type": "text/html", "value": "IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 allows web pages to be stored locally which can be read by another user on the system.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-525", "description": "CWE-525 Information Exposure Through Browser Caching"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2025-08-24T11:59:40.522Z"}}}, "cveMetadata": {"cveId": "CVE-2025-1334", "state": "PUBLISHED", "dateUpdated": "2025-08-24T11:59:40.522Z", "dateReserved": "2025-02-15T14:16:41.665Z", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "datePublished": "2025-06-03T15:18:40.596Z", "assignerShortName": "ibm"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:cloud_pak_for_security:*:*:*:*:*:*:*:*", "matchCriteriaId": "8FA89838-3E05-4778-9323-DE51CC10FD18", "versionEndIncluding": "1.10.11.0", "versionStartIncluding": "1.10.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:qradar_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "25D27309-653A-4F38-A593-66CE84F584C5", "versionEndIncluding": "1.11.2.0", "versionStartIncluding": "1.10.12.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 allows web pages to be stored locally which can be read by another user on the system."}, {"lang": "es", "value": "IBM QRadar Suite Software 1.10.12.0 a 1.11.2.0 e IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 permiten almacenar p\u00e1ginas web localmente para que otro usuario del sistema pueda leerlas."}], "id": "CVE-2025-1334", "lastModified": "2025-08-12T20:06:55.380", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 1.4, "source": "psirt@us.ibm.com", "type": "Primary"}]}, "published": "2025-06-03T16:15:22.983", "references": [{"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "https://www.ibm.com/support/pages/node/7235432"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-525"}], "source": "psirt@us.ibm.com", "type": "Primary"}]}

{}