VYPR
Unrated severityNVD Advisory· Published Sep 11, 2025· Updated Feb 26, 2026

IBM Fusion insecure default configuration

CVE-2025-36222

Description

IBM Fusion 2.2.0 through 2.10.1, IBM Fusion HCI 2.2.0 through 2.10.0, and IBM Fusion HCI for watsonx 2.8.2 through 2.10.0 uses insecure default configurations that could expose AMQStreams without client authentication that could allow an attacker to perform unauthorized actions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • IBM/Fusion HCIcpe-rescue3 versions
    cpe:2.3:a:ibm:storage_fusion:2.2.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibm:storage_fusion:2.2.0:*:*:*:*:*:*:*range: 2.2.0
    • cpe:2.3:a:ibm:storage_fusion_hci:2.2.0:*:*:*:*:*:*:*range: 2.2.0
    • (no CPE)range: 2.2.0 to 2.10.0
  • IBM/Fusion HCI for watsonxcpe-rescue2 versions
    cpe:2.3:a:ibm:storage_fusion_hci_for_watsonx:2.8.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ibm:storage_fusion_hci_for_watsonx:2.8.2:*:*:*:*:*:*:*range: 2.8.2
    • (no CPE)range: 2.8.2 to 2.10.0
  • WordPress/Fusionllm-fuzzy
    Range: 2.2.0 to 2.10.1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.