216.73.216.133

CVE-2025-36102

· Published 08/12/2025 22:15 · Modified 10/12/2025 18:14

Labels: CVE-2025-36102 2025-12-08CVE-2025-36102CWE-602[email protected]

Essential information

Published
08/12/2025 22:15
Modified
10/12/2025 18:14
Author
Creator
CVSS
2.7 LOW (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

CVSS metrics

Description

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 could allow a privileged user to bypass validation, passing user input into the application as trusted data, due to client-side enforcement of server-side security.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
ibm / cognos controller cpe:2.3:a:ibm:cognos_controller:*:*:*:*:*:*:*:*
ibm / controller cpe:2.3:a:ibm:controller:*:*:*:*:*:*:*:*

References