CVE-2025-36326
published 2025-09-26CVE-2025-36326: IBM Cognos Controller 11.0.0 through 11.0.1, and IBM Controller 11.1.0 through 11.1.1 could allow an attacker to obtain sensitive information due to the use of…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
IBM Cognos Controller 11.0.0 through 11.0.1, and IBM Controller 11.1.0 through 11.1.1 could allow an attacker to obtain sensitive information due to the use of hardcoded cryptographic keys for signing session cookies.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | cognos_controller | 11.0.0 – 11.0.1 | — |
| ibm | controller | 11.1.0 – 11.1.1 | — |