Information Disclosure Vulnerability in IBM Cognos Analytics Certified Containers
CVE-2025-33150

5.3MEDIUM

Key Information:

Vendor

IBM
Status
Cognos Analytics Certified Containers
Vendor
CVE Published:
10 November 2025

What is CVE-2025-33150?

IBM Cognos Analytics Certified Containers 12.1.0 has a security flaw that may allow unauthorized users to access sensitive package parameter information. This issue arises due to the existence of hidden pages within the application, potentially exposing confidential data and compromising the integrity of the system. It is critical for users to be aware of this vulnerability and take necessary precautions.

Affected Version(s)

Cognos Analytics Certified Containers 12.1.0

References

https://www.ibm.com/support/pages/node/7250395
vendor-advisorypatch

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-33150 : Information Disclosure Vulnerability in IBM Cognos Analytics Certified Containers