Insecure Default Initialization of Resource

CVE-2025-36222

High

8.7/10

Summary

IBM Fusion 2.2.0 through 2.10.1, IBM Fusion HCI 2.2.0 through 2.10.0, and IBM Fusion HCI for watsonx 2.8.2 through 2.10.0 uses insecure default configurations that could expose AMQStreams without client authentication that could allow an attacker to perform unauthorized actions.

Attack Complexity: HIGH
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: CHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-1188 - Insecure Default Initialization of Resource

The software initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure.

References

Advisory Timeline

Published Sep 11, 2025

Insecure Default Initialization of Resource

CVE-2025-36222

Summary

CWE-1188 - Insecure Default Initialization of Resource

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS