IBM

Security Scorecard

Score

20F

Total CVEs

318

Patch Rate

23%

73 patched

Avg Response

1733d

days to patch

Critical Gaps

38

exploitable, no detection

Severity Breakdown

Critical3
High151
Medium127
Low31

Patch Status

Patched73 (23%)
Partial/Workaround3 (1%)
Unpatched242 (76%)

CVEs (322)

CVE IDTitleSeverityScoreDaysPatch
CVE-2025-12985IBM Licensing Operator Privilege EscalationHigh8.4-Patched
CVE-2025-14115IBM Sterling Connect:Direct for UNIX Container Hard-Coded Credentials VulnerabilityHigh8.4-Patched
CVE-2025-1719Concert 1.x Data BreachMedium5.9-Patched
CVE-2025-1722IBM Concert Remote Information DisclosureMedium5.9-Patched
CVE-2025-36058IBM Business Automation Workflow Container VulnerabilityMedium5.5-Patched
CVE-2025-36059IBM Business Automation Workflow Container VulnerabilityMedium4.7-Patched
CVE-2025-36063IBM Sterling Connect:Express Adapter for Sterling B2B Integrator Remote Session Impersonation VulnerabilityMedium6.3-Patched
CVE-2025-36065IBM Sterling Connect:Express Adapter for Sterling B2B IntegratorMedium6.3-Patched
CVE-2025-36066IBM Sterling Connect:Express Adapter for Sterling B2B Integrator Cross-Site Scripting VulnerabilityMedium6.1-Patched
CVE-2025-36113IBM Sterling Connect:Express Adapter for Sterling B2B Integrator Cross-Site Scripting VulnerabilityMedium5.4-Patched