IBM Fusion insecure default configuration_CVE-2025-36222

8.7 / 10

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

Description

IBM Fusion 2.2.0 through 2.10.1, IBM Fusion HCI 2.2.0 through 2.10.0, and IBM Fusion HCI for watsonx 2.8.2 through 2.10.0 uses insecure default configurations that could expose AMQStreams without client authentication that could allow an attacker to perform unauthorized actions.

Basic Information

ID CVE-2025-36222

Source ibm

Published Sep 11, 2025 at 20:44

Affected Product

Vendor IBM

Product Fusion

Version 2.2.0

Affected Versions IBM Fusion 2.2.0
IBM Fusion HCI 2.2.0
IBM Fusion HCI for watsonx 2.8.2

CWE Classification

CWE-1188

References

www.ibm.com /support/pages/node/7244646

{
    "lastseen": "",
    "description": "IBM Fusion 2.2.0 through 2.10.1, IBM Fusion HCI 2.2.0 through 2.10.0, and IBM Fusion HCI for watsonx 2.8.2 through 2.10.0 uses insecure default configurations that could expose AMQStreams without client authentication that could allow an attacker to perform unauthorized actions.",
    "published": "2025-09-11T20:44:06.696Z",
    "modified": "2025-09-11T20:44:06.696Z",
    "type": "cve",
    "title": "IBM Fusion insecure default configuration",
    "source": "ibm",
    "references": "https://www.ibm.com/support/pages/node/7244646",
    "id": "CVE-2025-36222",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1188"
    ],
    "cvelist": null,
    "sourceData": "IBM Fusion 2.2.0\nIBM Fusion HCI 2.2.0\nIBM Fusion HCI for watsonx 2.8.2",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Fusion",
    "version": "2.2.0",
    "vendor": "IBM",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}