Directory Traversal Vulnerability in IBM Cognos Analytics
CVE-2025-0823
6.5MEDIUM
What is CVE-2025-0823?
IBM Cognos Analytics versions 11.2.0 through 11.2.4 FP5 and 12.0.0 through 12.0.4 are susceptible to a directory traversal vulnerability. This issue allows remote attackers to exploit specially crafted URL requests containing 'dot dot' sequences (/../), thereby gaining unauthorized access to system files. Successful exploitation may enable attackers to view arbitrary files on the host, leading to potential data exposure and security breaches.
Affected Version(s)
Cognos Analytics 11.2.0 <= 11.2.4 FP5
Cognos Analytics 12.0.0 <= 12.0.4