github - ghsa-v5pr-8475-3jq8

GHSA-V5PR-8475-3JQ8

Vulnerability from github – Published: 2025-09-26 15:30 – Updated: 2025-09-26 15:30

Details

IBM Cognos Controller 11.0.0 through 11.0.1, and IBM Controller 11.1.0 through 11.1.1 could allow an attacker to obtain sensitive information due to the use of hardcoded cryptographic keys for signing session cookies.

Severity ?

3.7 (Low)


                  
                    CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-36326"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-321"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-26T15:16:03Z",
    "severity": "LOW"
  },
  "details": "IBM Cognos Controller 11.0.0 through 11.0.1, and IBM Controller 11.1.0 through 11.1.1 could allow an attacker to obtain sensitive information due to the use of hardcoded cryptographic keys for signing session cookies.",
  "id": "GHSA-v5pr-8475-3jq8",
  "modified": "2025-09-26T15:30:28Z",
  "published": "2025-09-26T15:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-36326"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7246015"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2025-36326 (GCVE-0-2025-36326)

Vulnerability from cvelistv5 – Published: 2025-09-26 14:20 – Updated: 2025-09-26 14:54

Summary

Severity ?

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-321 - Use of Hard-coded Cryptographic Key

Assigner

ibm

References

URL

Tags

https://www.ibm.com/support/pages/node/7246015

vendor-advisorypatch

Impacted products

Vendor

Product

Version

IBM

Cognos Controller

Affected: 11.0.0 , ≤ 11.0.1 (semver)
cpe:2.3:a:ibm:cognos_controller:11.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_controller:11.0.1:*:*:*:*:*:*:*

IBM

Controller

Affected: 11.1.0 , ≤ 11.1.1 (semver)
cpe:2.3:a:ibm:controller:11.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:controller:11.1.1:*:*:*:*:*:*:*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-36326",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-26T14:54:16.381196Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-26T14:54:41.385Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:ibm:cognos_controller:11.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:cognos_controller:11.0.1:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Cognos Controller",
          "vendor": "IBM",
          "versions": [
            {
              "lessThanOrEqual": "11.0.1",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:ibm:controller:11.1.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:controller:11.1.1:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Controller",
          "vendor": "IBM",
          "versions": [
            {
              "lessThanOrEqual": "11.1.1",
              "status": "affected",
              "version": "11.1.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "IBM Cognos Controller 11.0.0 through 11.0.1, and IBM Controller 11.1.0 through 11.1.1 could allow an attacker to obtain sensitive information due to the use of hardcoded cryptographic keys for signing session cookies."
            }
          ],
          "value": "IBM Cognos Controller 11.0.0 through 11.0.1, and IBM Controller 11.1.0 through 11.1.1 could allow an attacker to obtain sensitive information due to the use of hardcoded cryptographic keys for signing session cookies."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "CWE-321 Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-26T14:20:46.219Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://www.ibm.com/support/pages/node/7246015"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "IBM Controller information disclosure",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003eDownload the script from here: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FCognos+8+Controller\u0026amp;fixids=CNTRL-WS-11.X-PATCH\u0026amp;source=SAR\u0026amp;function=fixId\u0026amp;parent=Cognos\"\u003eFix Central\u003c/a\u003e\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eIt is strongly recommended that you apply the most recent security updates:\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u0026nbsp; \u0026nbsp; \u003c/div\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cstrong\u003eAffected Product(s)\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003eVersion(s)\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003eInterim Fix\u003c/strong\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Controller\u003c/td\u003e\u003ctd\u003e11.1.0 - 11.1.1\u003c/td\u003e\u003ctd\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FCognos+8+Controller\u0026amp;fixids=CNTRL-WS-11.X-PATCH\u0026amp;source=SAR\u0026amp;function=fixId\u0026amp;parent=Cognos\"\u003eFix Central\u003c/a\u003e\u003c/span\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Cognos Controller\u003c/td\u003e\u003ctd\u003e11.0.0 - 11.0.1 \u003c/td\u003e\u003ctd\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FCognos+8+Controller\u0026amp;fixids=CNTRL-WS-11.X-PATCH\u0026amp;source=SAR\u0026amp;function=fixId\u0026amp;parent=Cognos\"\u003eFix Central\u003c/a\u003e\u003c/span\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cp\u003ePrerequisites\u003c/p\u003e\u003col\u003e\u003cli\u003eEnsure you are logged in to the server with System Administrator privileges.\u003c/li\u003e\u003cli\u003eCreate a backup of the server.js file located in the product installation path (e.g., C:\\ccr_64\\frontend) before proceeding.\u003c/li\u003e\u003c/ol\u003e\u003cp\u003eProcedure\u003c/p\u003e\u003col\u003e\u003cli\u003eNavigate to the directory containing server.js in the product installation path (e.g., C:\\ccr_64\\frontend).\u003c/li\u003e\u003cli\u003eCopy the script file ControllerWebUIService_11_X_Patch.ps1 into this directory.\u003c/li\u003e\u003cli\u003eRight-click on the ControllerWebUIService_11_X_Patch.ps1 script and select Run with PowerShell to execute it.\u003c/li\u003e\u003cli\u003eAfter execution, verify that a new System Environment Variable named session_passphrase has been created and assigned a random value.\u003c/li\u003e\u003cli\u003eConfirm that all SSL configuration steps have already been completed if you have enabled SSL.\u003c/li\u003e\u003cli\u003eRestart the IBM Controller Web UI service.\u003c/li\u003e\u003c/ol\u003e\u003cp\u003eNotes\u003c/p\u003e\u003cul\u003e\u003cli\u003eThis script is intended for one-time use only. Do not re-run the script.\u003c/li\u003e\u003cli\u003eIf any errors occur during execution of the ControllerWebUIService_11_X_Patch.ps1 script, you may run the rollback script ControllerWebUIService_11_X_Patch_Rollback.ps1 or  \u0026nbsp; replace server.js with the backed-up file.\u003c/li\u003e\u003cli\u003eDo not delete the session_passphrase environment variable.\u003c/li\u003e\u003cli\u003eAfter each Fix Pack (FP) upgrade, re-execute the patch script only if the session_passphrase is missing from the server.js file.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "Download the script from here:  Fix Central https://www.ibm.com/support/fixcentral/swg/selectFixes \n\n\u00a0\n\nIt is strongly recommended that you apply the most recent security updates:\n\n\n\n\n\n\u00a0 \u00a0 \n\nAffected Product(s)Version(s)Interim FixIBM Controller11.1.0 - 11.1.1 Fix Central https://www.ibm.com/support/fixcentral/swg/selectFixes IBM Cognos Controller11.0.0 - 11.0.1  Fix Central https://www.ibm.com/support/fixcentral/swg/selectFixes \n\nPrerequisites\n\n  *  Ensure you are logged in to the server with System Administrator privileges.\n  *  Create a backup of the server.js file located in the product installation path (e.g., C:\\ccr_64\\frontend) before proceeding.\nProcedure\n\n  *  Navigate to the directory containing server.js in the product installation path (e.g., C:\\ccr_64\\frontend).\n  *  Copy the script file ControllerWebUIService_11_X_Patch.ps1 into this directory.\n  *  Right-click on the ControllerWebUIService_11_X_Patch.ps1 script and select Run with PowerShell to execute it.\n  *  After execution, verify that a new System Environment Variable named session_passphrase has been created and assigned a random value.\n  *  Confirm that all SSL configuration steps have already been completed if you have enabled SSL.\n  *  Restart the IBM Controller Web UI service.\nNotes\n\n  *  This script is intended for one-time use only. Do not re-run the script.\n  *  If any errors occur during execution of the ControllerWebUIService_11_X_Patch.ps1 script, you may run the rollback script ControllerWebUIService_11_X_Patch_Rollback.ps1 or  \u00a0 replace server.js with the backed-up file.\n  *  Do not delete the session_passphrase environment variable.\n  *  After each Fix Pack (FP) upgrade, re-execute the patch script only if the session_passphrase is missing from the server.js file."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2025-36326",
    "datePublished": "2025-09-26T14:20:46.219Z",
    "dateReserved": "2025-04-15T21:16:51.462Z",
    "dateUpdated": "2025-09-26T14:54:41.385Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-V5PR-8475-3JQ8

CVE-2025-36326 (GCVE-0-2025-36326)

Tags

Sightings

Nomenclature