IBM Integrated Analytics System 1.0.0.0 through 1.0.30.0 could allow an authenticated user to upload a file with dangerous types that could be executed by another user if opened.
Fixes

Solution

Affected Product(s)VRMFRemediation/FixesIBM Integrated Analytics System1.0.31.0-WebConsole-Special-Build-IM-IIAS-fp349 Link to Fix Central https://www.ibm.com/support/fixcentral/swg/selectFixes Guide to Deploy build: Guide to deploy special build web console - IBM Documentation https://www.ibm.com/docs/en/ias


Workaround

No workaround given by the vendor.

History

Wed, 24 Sep 2025 00:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:ibm:integrated_analytics_system:*:*:*:*:*:*:*:*

Mon, 25 Aug 2025 12:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Sun, 24 Aug 2025 01:30:00 +0000

Type Values Removed Values Added
Description IBM Integrated Analytics System 1.0.0.0 through 1.0.30.0 could allow an authenticated user to upload a file with dangerous types that could be executed by another user if opened.
Title IBM Integrated Analytics System file upload
First Time appeared Ibm
Ibm integrated Analytics System
Weaknesses CWE-434
CPEs cpe:2.3:a:ibm:integrated_analytics_system:1.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:integrated_analytics_system:1.0.30.0:*:*:*:*:*:*:*
Vendors & Products Ibm
Ibm integrated Analytics System
References
Metrics cvssV3_1

{'score': 8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published:

Updated: 2025-08-26T03:55:29.531Z

Reserved: 2025-04-15T21:16:22.577Z

Link: CVE-2025-36174

cve-icon Vulnrichment

Updated: 2025-08-25T11:31:57.900Z

cve-icon NVD

Status : Analyzed

Published: 2025-08-24T02:15:45.560

Modified: 2025-09-23T23:49:41.467

Link: CVE-2025-36174

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.