How severe is CVE-2025-36102?

CVE-2025-36102 has a CVSS v3 score of 2.7 (LOW).

CVE-2025-36102

Name: controller
Author: ibm

2.7LOW

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 could allow a privileged user to bypass validation, passing user input into the application as trusted data, du

Veröffentlicht: 12/8/2025Aktualisiert: 12/10/2025

Beschreibung

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 could allow a privileged user to bypass validation, passing user input into the application as trusted data, due to client-side enforcement of server-side security.

KI-AnalyseKI-gestützt

Betroffene Produkte

ibmcognos_controller

ibmcontroller

Referenzen

https://www.ibm.com/support/pages/node/7253273
Vendor Advisory