CVE-2025-27550

CWE-4973 documents3 sources
Severity
3.5LOW
EPSS
0.0%
top 99.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Jazz Reporting Service
Timeline
PublishedFeb 4

Description

IBM Jazz Reporting Service could allow an authenticated user on the host network to obtain sensitive information about other projects that reside on the server.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.1 | Impact: 1.4

Affected Packages2 packages

CVEListV5ibm/jazz_reporting_service7.17.1iFix006+1
NVDibm/jazz_reporting_service7.0.3, 7.1+1

🔴Vulnerability Details

2
GHSA
GHSA-5m99-jm9q-cfc4: IBM Jazz Reporting Service could allow an authenticated user on the host network to obtain sensitive information about other projects that reside on t2026-02-04
CVEList
IBM Jazz Reporting Service Information Disclosure2026-02-04
CVE-2025-27550 (LOW CVSS 3.5) | IBM Jazz Reporting Service could al | cvebase.io