CVE-2025-36174 | THREATINT

Description

IBM Integrated Analytics System 1.0.0.0 through 1.0.30.0 could allow an authenticated user to upload a file with dangerous types that could be executed by another user if opened.

PUBLISHED Reserved 2025-04-15 | Published 2025-08-24 | Updated 2025-08-26 | Assigner ibm

HIGH: 8.0CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Problem types

CWE-434 Unrestricted Upload of File with Dangerous Type

Product status

Default status

unaffected

1.0.0.0

affected

References

www.ibm.com/support/pages/node/7242970 vendor-advisory patch

cve.org (CVE-2025-36174)

nvd.nist.gov (CVE-2025-36174)

Download JSON