How severe is CVE-2025-36102?

CVE-2025-36102 has a CVSS v3 score of 2.7 (LOW).

CVE-2025-36102

Name: controller
Author: ibm

2.7LOW

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 could allow a privileged user to bypass validation, passing user input into the application as trusted data, du

发布于: 12/8/2025更新于: 12/10/2025

描述

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 could allow a privileged user to bypass validation, passing user input into the application as trusted data, due to client-side enforcement of server-side security.

AI分析AI驱动

受影响产品

ibmcognos_controller

ibmcontroller

参考资料

https://www.ibm.com/support/pages/node/7253273
Vendor Advisory