CNNVD-202512-867 Information
CNNVD ID
CNNVD-202512-867
Related CVE
- CNNVD Published: 2025-12-08
Description (Chinese)
IBM Cognos Controller和IBM Controller都是美国国际商业机器(IBM)公司的产品。IBM Cognos Controller是一套商业智能与计划解决方案。该产品具有流程自动化、财务审计控制、创建和管理财务报告等功能。IBM Controller是一个基于 Web 的财务合并工具。 IBM Controller 11.1.0版本至11.1.1版本和IBM Cognos Controller 11.0.0版本至11.0.1 FP6版本存在安全漏洞,该漏洞源于临时文件创建未使用原子操作,可能导致敏感信息泄露。
Description (English)
IBM Cognos Controller and IBM Controller are products of IBM. IBM Cognos Contractor is a set of business intelligence and plan solutions. The product has functions such as process automation, financial audit control, creation and management of financial reports. IBM Contractor is a web-based financial consolidation tool. IBM Contractors 11.1.0 to 11.1.1 and IBM Cognos Contractors 11.0.0 to 11.01 FP6 have a security loophole, which originates in the creation of temporary files that do not operate atoms and may lead to the disclosure of sensitive information.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
国际商业机器
Published
2025-12-08
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7253273 https://access.redhat.com/security/cve/cve-2025-33111
Patch
https://www.ibm.com/support/pages/node/7253273
Share on: