CVE-2025-25020 IBM QRadar Suite Software and IBM Cloud Pak for Security improper input validation

🗓️ 03 Jun 2025 15:19:41Reported by ibmType

CVE-2025-25020 affects IBM QRadar and Cloud Pak for Security, leading to denial of service risk.

Reporter	Title	Published	Views	Family All 10
IBM Security Bulletins	Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities	4 Jun 202517:31	–	ibm
Circl	CVE-2025-25020	3 Jun 202516:36	–	circl
CNNVD	IBM Cloud Pak for Security和IBM QRadar Suite 安全漏洞	3 Jun 202500:00	–	cnnvd
CNVD	IBM Cloud Pak for Security and IBM QRadar Suite Input Validation Error Vulnerability	11 Jun 202500:00	–	cnvd
CVE	CVE-2025-25020	3 Jun 202515:19	–	cve
EUVD	EUVD-2025-16735	3 Oct 202520:07	–	euvd
NVD	CVE-2025-25020	3 Jun 202516:15	–	nvd
Positive Technologies	PT-2025-23635 · Ibm · Ibm Cloud Pak For Security +1	3 Jun 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-25020	5 Jun 202515:26	–	redhatcve
Vulnrichment	CVE-2025-25020 IBM QRadar Suite Software and IBM Cloud Pak for Security improper input validation	3 Jun 202515:19	–	vulnrichment

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:qradar_suite:1.10.12.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:qradar_suite:1.11.2.0:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "QRadar Suite Software",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "1.11.2.0",
        "status": "affected",
        "version": "1.10.12.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "cpes": [
      "cpe:2.3:a:ibm:cloud_pak_for_security:1.10.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_security:1.10.11.0:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Cloud Pak for Security",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "1.10.11.0",
        "status": "affected",
        "version": "1.10.0.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7235432

24 Aug 2025 12:00Current

CVSS 3.16.5

EPSS0.00356

CWE-1287

cve-2025-25020 ibm qradar denial of service input validation issue