User Credential Exposure in IBM QRadar SIEM by IBM
CVE-2025-33119

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Qradar Security Information And Event Management
Vendor: CVE Published:; 12 November 2025

What is CVE-2025-33119?

IBM QRadar SIEM versions 7.5 through 7.5.0 UP14 contain a vulnerability in which user credentials are stored in configuration files that are part of source control. This exposure allows an authenticated user to read the sensitive information, potentially compromising the security of the system. Organizations utilizing affected versions should assess their configurations and apply the necessary patches to mitigate risks linked to this vulnerability.

Affected Version(s)

QRadar Security Information and Event Management 7.5 <= 7.5.0 UP14

References

https://www.ibm.com/support/pages/node/7250932

vendor-advisorypatch

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 12, 2025
Vulnerability Reserved
Apr 15, 2025

Credit

Acknowledgement John Zuccato, Rodney Ryan, Chris Shepherd, Vince Dragnea, Ben Goodspeed, and Dawid Bak from the IBM Security Ethical Hacking Team.

JSON