CVE-2025-33013 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	6.2 MEDIUM	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
ibm	CNA	6.2 MEDIUM	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 2%

Affected Products (NVD)

Vendor	Product	Version
ibm	mq_operator	2.0.0 ≤ 𝑥 ≤ 2.0.29
ibm	mq_operator	3.2.0 ≤ 𝑥 ≤ 3.2.13
ibm	mq_operator	3.5.1 ≤ 𝑥 ≤ 3.6.0
ibm	mq_operator	3.3.0
ibm	mq_operator	3.4.0
ibm	mq_operator	3.4.1
ibm	mq_operator	3.5.0
ibm	supplied_mq_advanced_container_images	9.3.0.0:r1
ibm	supplied_mq_advanced_container_images	9.3.0.0:r2
ibm	supplied_mq_advanced_container_images	9.3.0.0:r3
ibm	supplied_mq_advanced_container_images	9.3.0.1:r1
ibm	supplied_mq_advanced_container_images	9.3.0.1:r2
ibm	supplied_mq_advanced_container_images	9.3.0.1:r3
ibm	supplied_mq_advanced_container_images	9.3.0.1:r4
ibm	supplied_mq_advanced_container_images	9.3.0.3:r1
ibm	supplied_mq_advanced_container_images	9.3.0.4:r1
ibm	supplied_mq_advanced_container_images	9.3.0.4:r2
ibm	supplied_mq_advanced_container_images	9.3.0.5:r1
ibm	supplied_mq_advanced_container_images	9.3.0.5:r2
ibm	supplied_mq_advanced_container_images	9.3.0.5:r3
ibm	supplied_mq_advanced_container_images	9.3.0.6:r1
ibm	supplied_mq_advanced_container_images	9.3.0.10:r1
ibm	supplied_mq_advanced_container_images	9.3.0.10:r2
ibm	supplied_mq_advanced_container_images	9.3.0.11:r1
ibm	supplied_mq_advanced_container_images	9.3.0.11:r2
ibm	supplied_mq_advanced_container_images	9.3.0.15:r1
ibm	supplied_mq_advanced_container_images	9.3.0.16:r1
ibm	supplied_mq_advanced_container_images	9.3.0.16:r2
ibm	supplied_mq_advanced_container_images	9.3.0.17:r1
ibm	supplied_mq_advanced_container_images	9.3.0.17:r2
ibm	supplied_mq_advanced_container_images	9.3.0.17:r3
ibm	supplied_mq_advanced_container_images	9.3.0.20:r1
ibm	supplied_mq_advanced_container_images	9.3.0.20:r2
ibm	supplied_mq_advanced_container_images	9.3.0.21:r1
ibm	supplied_mq_advanced_container_images	9.3.0.21:r2
ibm	supplied_mq_advanced_container_images	9.3.0.21:r3
ibm	supplied_mq_advanced_container_images	9.3.0.25:r1
ibm	supplied_mq_advanced_container_images	9.4.0.0:r1
ibm	supplied_mq_advanced_container_images	9.4.0.0:r2
ibm	supplied_mq_advanced_container_images	9.4.0.0:r3
ibm	supplied_mq_advanced_container_images	9.4.0.5:r1
ibm	supplied_mq_advanced_container_images	9.4.0.5:r2
ibm	supplied_mq_advanced_container_images	9.4.0.6:r1
ibm	supplied_mq_advanced_container_images	9.4.0.6:r2
ibm	supplied_mq_advanced_container_images	9.4.0.7:r1
ibm	supplied_mq_advanced_container_images	9.4.0.10:r1
ibm	supplied_mq_advanced_container_images	9.4.0.10:r2
ibm	supplied_mq_advanced_container_images	9.4.0.11:r1
ibm	supplied_mq_advanced_container_images	9.4.0.11:r2
ibm	supplied_mq_advanced_container_images	9.4.0.11:r3
ibm	supplied_mq_advanced_container_images	9.4.1.0:r1
ibm	supplied_mq_advanced_container_images	9.4.1.0:r2
ibm	supplied_mq_advanced_container_images	9.4.1.1:r1
ibm	supplied_mq_advanced_container_images	9.4.2.0:r1
ibm	supplied_mq_advanced_container_images	9.4.2.0:r2
ibm	supplied_mq_advanced_container_images	9.4.2.1:r1
ibm	supplied_mq_advanced_container_images	9.4.2.1:r2
ibm	supplied_mq_advanced_container_images	9.4.3.0:r1

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-244 - Improper Clearing of Heap Memory Before Release ('Heap Inspection')
Using realloc() to resize buffers that store sensitive information can leave the sensitive information exposed to attack, because it is not removed from memory.
CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer
The product stores, transfers, or shares a resource that contains sensitive information, but it does not properly remove that information before the product makes the resource available to unauthorized actors.

References

https://www.ibm.com/support/pages/node/7240431