CVE-2025-0923

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4 stores source code on the web server that could aid in further attacks against the system.

Published: Jun 11, 2025
Updated: Jun 12, 2025
CVE: CVE-2025-0923
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.3
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWEs:

CWE-540

Affected Software
References

Software	From	Fixed in
ibm / cognos_analytics	11.2.4-fixpack1	11.2.4-fixpack1.x
ibm / cognos_analytics	11.2.4-fixpack2	11.2.4-fixpack2.x
ibm / cognos_analytics	11.2.0	11.2.4.x
ibm / cognos_analytics	12.0.0	12.0.4.x
ibm / cognos_analytics	11.2.4-fixpack3	11.2.4-fixpack3.x

https://www.ibm.com/support/pages/node/7234674

Vulnerability Database

290,206

CVE-2025-0923