How severe is CVE-2025-36102?

CVE-2025-36102 has a CVSS v3 score of 2.7 (LOW).

CVE-2025-36102

Name: controller
Author: ibm

2.7LOW

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 could allow a privileged user to bypass validation, passing user input into the application as trusted data, du

Published: 12/8/2025Updated: 12/10/2025

Description

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 could allow a privileged user to bypass validation, passing user input into the application as trusted data, due to client-side enforcement of server-side security.

AI AnalysisPowered by AI

Affected Products

ibmcognos_controller

ibmcontroller

References

https://www.ibm.com/support/pages/node/7253273
Vendor Advisory