Vulnerability Details CVE-2025-36326
IBM Cognos Controller 11.0.0 through 11.0.1, and IBM Controller 11.1.0 through 11.1.1 could allow an attacker to obtain sensitive information due to the use of hardcoded cryptographic keys for signing session cookies.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.7%
CVSS Severity
CVSS v3 Score 3.7
Products affected by CVE-2025-36326
-
cpe:2.3:a:ibm:cognos_controller:11.0.0
-
cpe:2.3:a:ibm:cognos_controller:11.0.1
-
cpe:2.3:a:ibm:controller:11.1.0