Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-33111
PUBLISHED
More InfoOfficial Page
Assigner-ibm
Assigner Org ID-9a959283-ebb5-44b6-b705-dcc2bbced522
View Known Exploited Vulnerability (KEV) details
Published At-08 Dec, 2025 | 21:28
Updated At-09 Dec, 2025 | 16:05
Rejected At-
▼CVE Numbering Authority (CNA)
IBM Controller Information Disclosure

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 is vulnerable to creation of temporary files without atomic operations which may expose sensitive information to an authenticated user due to race condition attacks.

Affected Products
Vendor
IBM CorporationIBM
Product
Controller
CPEs
  • cpe:2.3:a:ibm:controller:11.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:controller:11.1.1:*:*:*:*:*:*:*
Versions
Affected
  • From 11.1.0 through 11.1.1 (semver)
Vendor
IBM CorporationIBM
Product
Cognos Controller
CPEs
  • cpe:2.3:a:ibm:cognos_controller:11.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:cognos_controller:11.0.1:FP6:*:*:*:*:*:*
Versions
Affected
  • From 11.0.0 through 11.0.1 FP6 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-379CWE-379 Creation of Temporary File in Directory with Insecure Permissions
Type: CWE
CWE ID: CWE-379
Description: CWE-379 Creation of Temporary File in Directory with Insecure Permissions
Metrics
VersionBase scoreBase severityVector
3.14.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Version: 3.1
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Remediation/Fixes It is strongly recommended that you apply the most recent security updates: Affected Product(s) Version(s) Fix IBM Controller 11.1.0 - 11.1.1 Download IBM Controller 11.1.2 from Passport Advantage IBM Cognos Controller 11.0.0 - 11.0.1 FP6 Download IBM Cognos Controller 11.0.1 FP7 from Fix Central IBM Controller 11.1.2 and IBM Cognos Controller 11.0.1 FP7 are available for Cloud deployments.

Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.ibm.com/support/pages/node/7253273
vendor-advisory
patch
Hyperlink: https://www.ibm.com/support/pages/node/7253273
Resource:
vendor-advisory
patch
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found