CVE-2025-0923

CWE-5403 documents3 sources
Severity
5.3MEDIUM
EPSS
0.2%
top 55.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Cognos Analytics
Timeline
PublishedJun 11

Description

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4 stores source code on the web server that could aid in further attacks against the system.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

NVDibm/cognos_analytics11.2.011.2.4+2
CVEListV5ibm/cognos_analytics10 versions+9

🔴Vulnerability Details

2
CVEList
IBM Cognos Analytics information disclosure2025-06-11
GHSA
GHSA-gr5f-7m4r-g5r6: IBM Cognos Analytics 112025-06-11
CVE-2025-0923 (MEDIUM CVSS 5.3) | IBM Cognos Analytics 11.2.0 | cvebase.io