File Download Vulnerability in IBM Security Guardium 12.0
CVE-2025-25029

4.9MEDIUM

Key Information:

Vendor: IBM
Status: Security Guardium
Vendor: CVE Published:; 28 May 2025

What is CVE-2025-25029?

The vulnerability in IBM Security Guardium 12.0 stems from improper escaping of input, enabling a privileged user to download any file from the system. This flaw raises serious security concerns, as it could lead to unauthorized access to sensitive data, requiring immediate attention from users to mitigate potential risks.

Affected Version(s)

Security Guardium 12.0

References

https://www.ibm.com/support/pages/node/7234827

vendor-advisorypatch

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 28, 2025
Vulnerability Reserved
Jan 31, 2025

JSON