Multiple vulnerabilities in IBM Event Processing



Risk: Medium
Patch available: YES
Number of vulnerabilities: 5
CVE-ID: CVE-2025-30218, CVE-2025-49574, CVE-2025-48924, CVE-2025-48068, CVE-2025-55163
CWE-ID: CWE-200, CWE-668, CWE-674, CWE-1385, CWE-400
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: Event Processing
Software category: Other software / Other software solutions
Vendor: IBM Corporation

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Information disclosure

EUVDB-ID: #VU106922

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-30218

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists because the software may leak the "x-middleware-subrequest-id" header to a third party. A remote attacker with control over the third-party server can obtain the header value and use it to bypass authentication.
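The defensive boundary this item implies can be shown in a few lines. The block below is an added example, not IBM's or the affected product's code: it strips internal marker headers before an outbound request leaves the trust boundary, and flags an inbound request from an untrusted peer that already carries one. Only the "x-middleware-subrequest-id" header name comes from the bulletin; the prefix list, the outbound allowlist, the sample request and the trusted-peer flag are constructed assumptions for the example.

```javascript
// Added example (not IBM's code). Internal marker headers must never be forwarded to a
// third party, and a request from outside the trust boundary that already carries one
// should be refused. "x-middleware-subrequest-id" is the header the bulletin names; the
// prefix list, the outbound allowlist and the sample request are constructed here.

const INTERNAL_HEADERS = new Set(['x-middleware-subrequest-id']);
const INTERNAL_HEADER_PREFIXES = ['x-middleware-', 'x-internal-']; // constructed policy

// Outbound allowlist: the only headers a third-party server needs from us (constructed).
const OUTBOUND_ALLOWLIST = new Set(['accept', 'accept-language', 'content-type', 'user-agent']);

function isInternalHeader(name) {
  const n = String(name).toLowerCase();
  return INTERNAL_HEADERS.has(n) || INTERNAL_HEADER_PREFIXES.some((p) => n.startsWith(p));
}

// Build the header set for an outbound request from an inbound one. Allowlisting (rather
// than only blocklisting known-internal names) means a new internal header introduced
// later is still dropped by default.
function sanitizeOutboundHeaders(inboundHeaders) {
  const out = {};
  for (const [name, value] of Object.entries(inboundHeaders)) {
    const n = name.toLowerCase();
    if (isInternalHeader(n)) continue;        // internal marker: never leaves the boundary
    if (!OUTBOUND_ALLOWLIST.has(n)) continue; // cookies, authorization, etc. are dropped too
    out[n] = value;
  }
  return out;
}

// Inbound side: the marker is set by the server's own middleware layer, it is not a
// credential. If an untrusted peer already presents it, that is either a misconfigured
// proxy or an attempt to reuse a leaked value. Returns the offending names so the caller
// can reject the request and log the event.
function detectSpoofedInternalHeaders(inboundHeaders, fromTrustedPeer) {
  if (fromTrustedPeer) return [];
  return Object.keys(inboundHeaders).filter(isInternalHeader).map((n) => n.toLowerCase());
}

// Constructed sample: an incoming request whose headers would otherwise be copied
// verbatim into a fetch() to a third-party URL.
const sampleInbound = {
  Accept: 'application/json',
  Cookie: 'session=opaque-value',
  'X-Middleware-Subrequest-Id': 'constructed-sample-value',
  'User-Agent': 'example-client/1.0',
};

console.log('outbound headers:', sanitizeOutboundHeaders(sampleInbound));
console.log('spoofed internal headers:', detectSpoofedInternalHeaders(sampleInbound, false));
```

The inbound check is the part that actually closes the authentication-bypass path the bulletin describes: once the header value may have been observed by a third party, the server must stop treating its presence as proof that a request came from its own middleware. The outbound allowlist reduces the chance of the leak in the first place.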

Mitigation

Install update from vendor's website.

Vulnerable software versions

Event Processing: 1.0.0 - 1.4.4

External links

https://www.ibm.com/support/pages/node/7256000


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Exposure of Resource to Wrong Sphere

EUVDB-ID: #VU113811

Risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-49574

CWE-ID: CWE-668 - Exposure of resource to wrong sphere

Exploit availability: No

Description

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to an error when duplicating a duplicated context. A remote user can gain access to sensitive information, such as request scope, security details, and metadata.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Event Processing: 1.0.0 - 1.4.4

External links

https://www.ibm.com/support/pages/node/7256000


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Uncontrolled Recursion

EUVDB-ID: #VU113607

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-48924

CWE-ID: CWE-674 - Uncontrolled Recursion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists because the ClassUtils.getClass(...) methods can throw StackOverflowError on very long inputs. Because an Error is usually not handled by applications and libraries, a StackOverflowError can cause an application to stop. A remote attacker can trigger uncontrolled recursion and perform a denial of service (DoS) attack.
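The CWE-674 pattern in this item is easier to see side by side. The block below is an added example and is not Apache Commons Lang, IBM or any project's code; it uses a constructed nested-bracket grammar (not the parsing that ClassUtils.getClass performs) to contrast an unbounded recursive routine, which overflows the stack on attacker-sized input, with a bounded version that rejects over-long or over-nested input with an ordinary, catchable error. The length and depth limits are constructed values.

```javascript
// Added example (not Commons Lang or IBM code). Constructed grammar: count leading '['
// characters recursively. MAX_INPUT_LENGTH and MAX_NESTING_DEPTH are constructed limits.

const MAX_INPUT_LENGTH = 4096;
const MAX_NESTING_DEPTH = 64;

class InputRejectedError extends Error {
  constructor(message) { super(message); this.name = 'InputRejectedError'; }
}

// Unbounded: one stack frame per opening bracket, so recursion depth equals input length
// in the worst case. Large input ends in a stack overflow (RangeError in V8) rather than
// a result, which is the failure mode the bulletin describes.
function nestingDepthUnbounded(s, i = 0) {
  if (i >= s.length || s[i] !== '[') return 0;
  return 1 + nestingDepthUnbounded(s, i + 1);
}

// Bounded: validate size once at entry and carry an explicit depth counter, so the worst
// case is a small, known number of frames and an error the caller can handle.
function nestingDepthBounded(s, i = 0, depth = 0) {
  if (depth === 0) { // entry checks, run once before any recursion
    if (typeof s !== 'string') throw new InputRejectedError('input must be a string');
    if (s.length > MAX_INPUT_LENGTH) throw new InputRejectedError(`input longer than ${MAX_INPUT_LENGTH}`);
  }
  if (i >= s.length || s[i] !== '[') return depth;
  if (depth >= MAX_NESTING_DEPTH) throw new InputRejectedError(`nesting deeper than ${MAX_NESTING_DEPTH}`);
  return nestingDepthBounded(s, i + 1, depth + 1);
}

// Request-boundary wrapper: turn both the expected rejection and any stack overflow that
// still slips through into a normal result instead of letting it unwind into the server.
function classify(fn, input) {
  try {
    return { ok: true, depth: fn(input) };
  } catch (e) {
    if (e instanceof InputRejectedError) return { ok: false, error: 'rejected: ' + e.message };
    if (e instanceof RangeError) return { ok: false, error: 'stack overflow caught' };
    throw e; // anything else is a real bug and should surface
  }
}

// Constructed inputs: a normal value and one sized like hostile input.
const normalInput = '[[[x';
const hostileInput = '['.repeat(1000000);

console.log(classify(nestingDepthUnbounded, normalInput));  // { ok: true, depth: 3 }
console.log(classify(nestingDepthUnbounded, hostileInput)); // { ok: false, error: 'stack overflow caught' }
console.log(classify(nestingDepthBounded, hostileInput));   // { ok: false, error: 'rejected: input longer than 4096' }
```

The length check at entry is the cheap, general fix: it caps the work before a single recursive call is made, and it is the kind of guard that belongs in front of any library routine whose depth scales with untrusted input.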

Mitigation

Install update from vendor's website.

Vulnerable software versions

Event Processing: 1.0.0 - 1.4.4

External links

https://www.ibm.com/support/pages/node/7256000


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Missing Origin Validation in WebSockets

EUVDB-ID: #VU109922

Risk: Low

CVSSv4.0: 0.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-48068

CWE-ID: CWE-1385 - Missing Origin Validation in WebSockets

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to missing origin validation on the WebSocket interface if the project uses the App Router. When running next dev, a malicious website can open a WebSocket connection to localhost and access component source code.
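The missing check this item describes (CWE-1385) is a comparison of the handshake's Origin header against the origins the server expects, done before the upgrade is completed. The block below is an added example and is not Next.js, IBM or any project's code: it makes that decision in a pure function over the handshake headers and shows how it would sit in front of a Node http.Server's upgrade handling. The allowlist, the sample handshakes and the `completeHandshake` callback are constructed assumptions.

```javascript
// Added example (not Next.js or IBM code). A WebSocket server bound to localhost must
// validate Origin, because any page the user visits can open a socket to localhost.
// ALLOWED_ORIGINS and the sample handshakes are constructed for this example.

const ALLOWED_ORIGINS = new Set(['http://localhost:3000', 'http://127.0.0.1:3000']);

// Normalise through URL so scheme/host casing or a stray path cannot slip past an exact
// compare, and reject anything that is not a parseable origin ("null", garbage, absent).
function isOriginAllowed(originHeader, allowed = ALLOWED_ORIGINS) {
  if (typeof originHeader !== 'string') return false; // browsers always send Origin on a WS handshake
  let parsed;
  try { parsed = new URL(originHeader); } catch { return false; }
  return allowed.has(parsed.origin);
}

// Pure decision on the handshake headers, kept apart from I/O so it can be unit-tested.
function evaluateUpgrade(headers, allowed = ALLOWED_ORIGINS) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = v;
  if (String(h.upgrade || '').toLowerCase() !== 'websocket') return { status: 400, reason: 'Not a WebSocket upgrade' };
  if (!h['sec-websocket-key']) return { status: 400, reason: 'Missing Sec-WebSocket-Key' };
  if (!isOriginAllowed(h.origin, allowed)) return { status: 403, reason: 'Origin not allowed' };
  return { status: 101, reason: 'Switching Protocols' };
}

// Wiring for a Node http.Server: refuse before the socket reaches the WebSocket layer.
// completeHandshake(req, socket, head) is whatever finishes the RFC 6455 handshake in
// your stack (assumed callback; no server is started here).
function attachOriginCheck(server, completeHandshake, allowed = ALLOWED_ORIGINS) {
  server.on('upgrade', (req, socket, head) => {
    const verdict = evaluateUpgrade(req.headers, allowed);
    if (verdict.status !== 101) {
      socket.write(`HTTP/1.1 ${verdict.status} ${verdict.reason}\r\nConnection: close\r\n\r\n`);
      socket.destroy();
      console.warn(`rejected WebSocket upgrade: ${verdict.reason} (remote=${socket.remoteAddress})`);
      return;
    }
    completeHandshake(req, socket, head);
  });
}

// Constructed handshakes: one from the local dev UI, one from a page on another site.
const handshakeFromDevUi = {
  Host: 'localhost:3000', Upgrade: 'websocket', Connection: 'Upgrade',
  'Sec-WebSocket-Key': 'dGhlIHNhbXBsZSBub25jZQ==', 'Sec-WebSocket-Version': '13',
  Origin: 'http://localhost:3000',
};
const handshakeFromOtherSite = { ...handshakeFromDevUi, Origin: 'https://some-other-site.example' };

console.log(evaluateUpgrade(handshakeFromDevUi));     // { status: 101, reason: 'Switching Protocols' }
console.log(evaluateUpgrade(handshakeFromOtherSite)); // { status: 403, reason: 'Origin not allowed' }
```

Rejecting with 403 before the 101 response matters: once the upgrade completes, the page on the other site holds a live channel to whatever the dev server exposes over it, which in this item is component source code.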

Mitigation

Install update from vendor's website.

Vulnerable software versions

Event Processing: 1.0.0 - 1.4.4

External links

https://www.ibm.com/support/pages/node/7256000


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Resource exhaustion

EUVDB-ID: #VU114026

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-55163

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists because the application does not properly control consumption of internal resources when handling HTTP/2 requests. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Event Processing: 1.0.0 - 1.4.4

External links

https://www.ibm.com/support/pages/node/7256000


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
