CVE-2025-36222

🗓️ 11 Sep 2025 20:44:06Reported by ibmType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 18 Views

Insecure default configuration in fusion products exposes amqstreams without client authentication.

Reporter	Title	Published	Views	Family All 9
IBM Security Bulletins	Security Bulletin: There are multiple vulnerabilities that can affect IBM Fusion	11 Sep 202518:18	–	ibm
Circl	CVE-2025-36222	12 Sep 202501:02	–	circl
CNNVD	IBM多款产品安全漏洞	11 Sep 202500:00	–	cnnvd
Cvelist	CVE-2025-36222 IBM Fusion insecure default configuration	11 Sep 202520:44	–	cvelist
EUVD	EUVD-2025-28994	3 Oct 202520:07	–	euvd
NVD	CVE-2025-36222	11 Sep 202521:15	–	nvd
Positive Technologies	PT-2025-37265	11 Sep 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-36222	13 Sep 202521:22	–	redhatcve
Vulnrichment	CVE-2025-36222 IBM Fusion insecure default configuration	11 Sep 202520:44	–	vulnrichment

NVD

Vulners

Node

ibm storage_fusionRange2.2.0–2.11.0

ibm storage_fusion_hciRange2.2.0–2.11.0

ibm storage_fusion_hci_for_watsonxRange2.8.2–2.11.0

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:storage_fusion:2.2.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:storage_fusion:2.10.1:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Fusion",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "2.10.1",
        "status": "affected",
        "version": "2.2.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "cpes": [
      "cpe:2.3:a:ibm:storage_fusion_hci:2.2.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:storage_fusion_hci:2.10.0:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Fusion HCI",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "2.10.0",
        "status": "affected",
        "version": "2.2.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "cpes": [
      "cpe:2.3:a:ibm:storage_fusion_hci_for_watsonx:2.8.2:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:storage_fusion_hci_for_watsonx:2.10.0:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Fusion HCI for watsonx",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "2.10.0",
        "status": "affected",
        "version": "2.8.2",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7244646

02 Oct 2025 19:31Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.18.7 - 9.8

EPSS0.00036

SSVC

CWE-1188