Denial of Service Vulnerability in IBM Cognos Analytics
CVE-2025-25032

7.5HIGH

Key Information:

Vendor: IBM
Status: Cognos Analytics
Vendor: CVE Published:; 11 June 2025

What is CVE-2025-25032?

A vulnerability in IBM Cognos Analytics allows an authenticated user to trigger a denial of service by sending specially crafted requests. This could lead to resource exhaustion, making the application unresponsive. Affected versions include 11.2.0 through 11.2.4 and 12.0.0 through 12.0.4. It is crucial for users to be aware of this vulnerability to prevent potentially disruptive incidents.

Affected Version(s)

Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, 12.0.4

References

https://www.ibm.com/support/pages/node/7234674

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 11, 2025
Vulnerability Reserved
Jan 31, 2025