CVE-2025-33111
MEDIUMDescription
IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 is vulnerable to creation of temporary files without atomic operations which may expose sensitive information to an authenticated user due to race condition attacks.
Is your site exposed to CVE-2025-33111?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| ibm | cognos_controller |
| ibm | controller |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-33111? +
How severe is CVE-2025-33111? +
What products are affected by CVE-2025-33111? +
How do I check if I'm vulnerable to CVE-2025-33111? +
Related Vulnerabilities
A potential security vulnerability has been identified in the HP Accessory WMI Provider installer for some HP Docking Stations, which …
A potential elevated privilege issue has been reported with InstallShield built Standalone MSI setups having multiple InstallScript custom actions configured. …
make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled …
Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. On Unix-like systems, the …
The C:\Program Files (x86)\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Temp~nsu.tmp and copies itself to it as Au_.exe. The …
Lakeside Software’s SysTrack LsiAgent Installer version 10.7.8 for Windows contains a local privilege escalation vulnerability which allows attackers SYSTEM level …