File Upload Vulnerability in IBM Integrated Analytics System
CVE-2025-36174

8HIGH

Key Information:

Vendor: IBM
Status: Integrated Analytics System
Vendor: CVE Published:; 24 August 2025

What is CVE-2025-36174?

IBM Integrated Analytics System versions 1.0.0.0 through 1.0.30.0 have a vulnerability that allows authenticated users to upload potentially dangerous file types. If these files are opened by other users, they may lead to execution of malicious code, posing significant security risks.

Affected Version(s)

Integrated Analytics System 1.0.0.0 <= 1.0.30.0

References

https://www.ibm.com/support/pages/node/7242970

vendor-advisorypatch

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 24, 2025
Vulnerability Reserved
Apr 15, 2025