CVE-2025-36015

Published: Dec 8, 2025Modified: Dec 10, 2025

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: psirt@us.ibm.com (Secondary)

Description

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 could allow an authenticated user to cause a denial of service due to improper validation of a specified quantity size input.

Affected (2)

Products: Ibm: Cognos Controller, Controller

Ibm

2 products

Cognos Controller

Controller

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Cognos Controller	From 11.0.0 to 11.0.1.7
Ibm Controller	From 11.1.0 to 11.1.2

Related CWEs

CWE-1284

Improper Validation of Specified Quantity in Input

The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

References (1)

https://www.ibm.com/support/pages/node/7253273

Source: psirt@us.ibm.com

Vendor Advisory

Timeline

No history available yet.