File Download Vulnerability in IBM Security Guardium 12.0
CVE-2025-25029

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Security Guardium
Vendor: CVE Published:; 28 May 2025

What is CVE-2025-25029?

The vulnerability in IBM Security Guardium 12.0 stems from improper escaping of input, enabling a privileged user to download any file from the system. This flaw raises serious security concerns, as it could lead to unauthorized access to sensitive data, requiring immediate attention from users to mitigate potential risks.

Affected Version(s)

Security Guardium 12.0

References

https://www.ibm.com/support/pages/node/7234827

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 28, 2025
Vulnerability Reserved
Jan 31, 2025