CVE-2025-1823

EUVD-2025-206776
IBM Jazz Reporting Service could allow an authenticated user on the host network to cause a denial of service using specially crafted SQL query that consumes excess memory resources.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.5 LOW
ADJACENT_NETWORK
LOW
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
ibmCNA
3.5 LOW
ADJACENT_NETWORK
LOW
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
Affected Products (NVD)
VendorProductVersion
ibmjazz_reporting_service
7.0.3
ibmjazz_reporting_service
7.0.3:ifix001
ibmjazz_reporting_service
7.0.3:ifix002
ibmjazz_reporting_service
7.0.3:ifix003
ibmjazz_reporting_service
7.0.3:ifix004
ibmjazz_reporting_service
7.0.3:ifix005
ibmjazz_reporting_service
7.0.3:ifix006
ibmjazz_reporting_service
7.0.3:ifix007
ibmjazz_reporting_service
7.0.3:ifix008
ibmjazz_reporting_service
7.0.3:ifix009
ibmjazz_reporting_service
7.0.3:ifix010
ibmjazz_reporting_service
7.0.3:ifix011
ibmjazz_reporting_service
7.0.3:ifix012
ibmjazz_reporting_service
7.0.3:ifix013
ibmjazz_reporting_service
7.0.3:ifix014
ibmjazz_reporting_service
7.0.3:ifix015
ibmjazz_reporting_service
7.0.3:ifix016
ibmjazz_reporting_service
7.0.3:ifix017
ibmjazz_reporting_service
7.0.3:ifix018
ibmjazz_reporting_service
7.0.3:ifix019
ibmjazz_reporting_service
7.0.3:ifix020
ibmjazz_reporting_service
7.1
ibmjazz_reporting_service
7.1:ifix001
ibmjazz_reporting_service
7.1:ifix002
ibmjazz_reporting_service
7.1:ifix003
ibmjazz_reporting_service
7.1:ifix004-sr1-base
ibmjazz_reporting_service
7.1:ifix005
ibmjazz_reporting_service
7.1:ifix006
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.ibm.com/support/pages/node/7258083