fkie_nvd - fkie_cve-2025-36326

fkie_cve-2025-36326

Vulnerability from fkie_nvd

Published

2025-09-26 15:16

Modified

2025-10-03 19:14

Severity ?

3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

IBM Cognos Controller 11.0.0 through 11.0.1, and IBM Controller 11.1.0 through 11.1.1 could allow an attacker to obtain sensitive information due to the use of hardcoded cryptographic keys for signing session cookies.

References

▼	URL	Tags
	psirt@us.ibm.com	https://www.ibm.com/support/pages/node/7246015	Vendor Advisory

Impacted products

	Vendor	Product	Version
	ibm	cognos_controller	*
	ibm	controller	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:cognos_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FACCAE0A-7AE8-4E8A-A407-191C260B6F91",
              "versionEndIncluding": "11.0.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DEB42CB-5D84-498E-82D3-0EA268A4E599",
              "versionEndIncluding": "11.1.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Cognos Controller 11.0.0 through 11.0.1, and IBM Controller 11.1.0 through 11.1.1 could allow an attacker to obtain sensitive information due to the use of hardcoded cryptographic keys for signing session cookies."
    }
  ],
  "id": "CVE-2025-36326",
  "lastModified": "2025-10-03T19:14:39.327",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 3.7,
          "baseSeverity": "LOW",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 1.4,
        "source": "psirt@us.ibm.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-09-26T15:16:03.437",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ibm.com/support/pages/node/7246015"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-321"
        }
      ],
      "source": "psirt@us.ibm.com",
      "type": "Primary"
    }
  ]
}

CVE-2025-36326 (GCVE-0-2025-36326)

Vulnerability from cvelistv5

Published

2025-09-26 14:20

Modified

2025-09-26 14:54

Severity ?

3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-321 - Use of Hard-coded Cryptographic Key

Summary

References

▼	URL	Tags
	https://www.ibm.com/support/pages/node/7246015	vendor-advisory, patch

Impacted products

Vendor

Product

Version

▼

IBM

Cognos Controller

Version: 11.0.0   ≤ 11.0.1
    cpe:2.3:a:ibm:cognos_controller:11.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:cognos_controller:11.0.1:*:*:*:*:*:*:*

IBM

Controller

Version: 11.1.0   ≤ 11.1.1
    cpe:2.3:a:ibm:controller:11.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:controller:11.1.1:*:*:*:*:*:*:*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-36326",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-26T14:54:16.381196Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-26T14:54:41.385Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:ibm:cognos_controller:11.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:cognos_controller:11.0.1:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Cognos Controller",
          "vendor": "IBM",
          "versions": [
            {
              "lessThanOrEqual": "11.0.1",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:ibm:controller:11.1.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:controller:11.1.1:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Controller",
          "vendor": "IBM",
          "versions": [
            {
              "lessThanOrEqual": "11.1.1",
              "status": "affected",
              "version": "11.1.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "IBM Cognos Controller 11.0.0 through 11.0.1, and IBM Controller 11.1.0 through 11.1.1 could allow an attacker to obtain sensitive information due to the use of hardcoded cryptographic keys for signing session cookies."
            }
          ],
          "value": "IBM Cognos Controller 11.0.0 through 11.0.1, and IBM Controller 11.1.0 through 11.1.1 could allow an attacker to obtain sensitive information due to the use of hardcoded cryptographic keys for signing session cookies."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "CWE-321 Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-26T14:20:46.219Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://www.ibm.com/support/pages/node/7246015"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "IBM Controller information disclosure",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003eDownload the script from here: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FCognos+8+Controller\u0026amp;fixids=CNTRL-WS-11.X-PATCH\u0026amp;source=SAR\u0026amp;function=fixId\u0026amp;parent=Cognos\"\u003eFix Central\u003c/a\u003e\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eIt is strongly recommended that you apply the most recent security updates:\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u0026nbsp; \u0026nbsp; \u003c/div\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cstrong\u003eAffected Product(s)\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003eVersion(s)\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003eInterim Fix\u003c/strong\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Controller\u003c/td\u003e\u003ctd\u003e11.1.0 - 11.1.1\u003c/td\u003e\u003ctd\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FCognos+8+Controller\u0026amp;fixids=CNTRL-WS-11.X-PATCH\u0026amp;source=SAR\u0026amp;function=fixId\u0026amp;parent=Cognos\"\u003eFix Central\u003c/a\u003e\u003c/span\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Cognos Controller\u003c/td\u003e\u003ctd\u003e11.0.0 - 11.0.1 \u003c/td\u003e\u003ctd\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FCognos+8+Controller\u0026amp;fixids=CNTRL-WS-11.X-PATCH\u0026amp;source=SAR\u0026amp;function=fixId\u0026amp;parent=Cognos\"\u003eFix Central\u003c/a\u003e\u003c/span\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cp\u003ePrerequisites\u003c/p\u003e\u003col\u003e\u003cli\u003eEnsure you are logged in to the server with System Administrator privileges.\u003c/li\u003e\u003cli\u003eCreate a backup of the server.js file located in the product installation path (e.g., C:\\ccr_64\\frontend) before proceeding.\u003c/li\u003e\u003c/ol\u003e\u003cp\u003eProcedure\u003c/p\u003e\u003col\u003e\u003cli\u003eNavigate to the directory containing server.js in the product installation path (e.g., C:\\ccr_64\\frontend).\u003c/li\u003e\u003cli\u003eCopy the script file ControllerWebUIService_11_X_Patch.ps1 into this directory.\u003c/li\u003e\u003cli\u003eRight-click on the ControllerWebUIService_11_X_Patch.ps1 script and select Run with PowerShell to execute it.\u003c/li\u003e\u003cli\u003eAfter execution, verify that a new System Environment Variable named session_passphrase has been created and assigned a random value.\u003c/li\u003e\u003cli\u003eConfirm that all SSL configuration steps have already been completed if you have enabled SSL.\u003c/li\u003e\u003cli\u003eRestart the IBM Controller Web UI service.\u003c/li\u003e\u003c/ol\u003e\u003cp\u003eNotes\u003c/p\u003e\u003cul\u003e\u003cli\u003eThis script is intended for one-time use only. Do not re-run the script.\u003c/li\u003e\u003cli\u003eIf any errors occur during execution of the ControllerWebUIService_11_X_Patch.ps1 script, you may run the rollback script ControllerWebUIService_11_X_Patch_Rollback.ps1 or  \u0026nbsp; replace server.js with the backed-up file.\u003c/li\u003e\u003cli\u003eDo not delete the session_passphrase environment variable.\u003c/li\u003e\u003cli\u003eAfter each Fix Pack (FP) upgrade, re-execute the patch script only if the session_passphrase is missing from the server.js file.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "Download the script from here:  Fix Central https://www.ibm.com/support/fixcentral/swg/selectFixes \n\n\u00a0\n\nIt is strongly recommended that you apply the most recent security updates:\n\n\n\n\n\n\u00a0 \u00a0 \n\nAffected Product(s)Version(s)Interim FixIBM Controller11.1.0 - 11.1.1 Fix Central https://www.ibm.com/support/fixcentral/swg/selectFixes IBM Cognos Controller11.0.0 - 11.0.1  Fix Central https://www.ibm.com/support/fixcentral/swg/selectFixes \n\nPrerequisites\n\n  *  Ensure you are logged in to the server with System Administrator privileges.\n  *  Create a backup of the server.js file located in the product installation path (e.g., C:\\ccr_64\\frontend) before proceeding.\nProcedure\n\n  *  Navigate to the directory containing server.js in the product installation path (e.g., C:\\ccr_64\\frontend).\n  *  Copy the script file ControllerWebUIService_11_X_Patch.ps1 into this directory.\n  *  Right-click on the ControllerWebUIService_11_X_Patch.ps1 script and select Run with PowerShell to execute it.\n  *  After execution, verify that a new System Environment Variable named session_passphrase has been created and assigned a random value.\n  *  Confirm that all SSL configuration steps have already been completed if you have enabled SSL.\n  *  Restart the IBM Controller Web UI service.\nNotes\n\n  *  This script is intended for one-time use only. Do not re-run the script.\n  *  If any errors occur during execution of the ControllerWebUIService_11_X_Patch.ps1 script, you may run the rollback script ControllerWebUIService_11_X_Patch_Rollback.ps1 or  \u00a0 replace server.js with the backed-up file.\n  *  Do not delete the session_passphrase environment variable.\n  *  After each Fix Pack (FP) upgrade, re-execute the patch script only if the session_passphrase is missing from the server.js file."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2025-36326",
    "datePublished": "2025-09-26T14:20:46.219Z",
    "dateReserved": "2025-04-15T21:16:51.462Z",
    "dateUpdated": "2025-09-26T14:54:41.385Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted