{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-1823", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2025-03-01T14:39:33.891Z", "datePublished": "2026-02-04T21:07:17.979Z", "dateUpdated": "2026-02-05T14:32:02.968Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:iFix020:*:*:*:*:*:*", "cpe:2.3:a:ibm:jazz_reporting_service:7.1:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:jazz_reporting_service:7.1:iFix006:*:*:*:*:*:*"], "defaultStatus": "unaffected", "product": "Jazz Reporting Service", "vendor": "IBM", "versions": [{"lessThanOrEqual": "7.1iFix006", "status": "affected", "version": "7.1", "versionType": "semver"}, {"lessThanOrEqual": "7.0.3iFix020", "status": "affected", "version": "7.0.3", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "IBM Jazz Reporting Service could allow an authenticated user on the host network to cause a denial of service using specially crafted SQL query that consumes excess memory resources. <br><br>"}], "value": "IBM Jazz Reporting Service could allow an authenticated user on the host network to cause a denial of service using specially crafted SQL query that consumes excess memory resources."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-02-04T21:09:35.449Z"}, "references": [{"tags": ["vendor-advisory", "patch"], "url": "https://www.ibm.com/support/pages/node/7258083"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>IBM strongly recommends addressing the vulnerability now by applying the iFix listed below:</p><div><table><tbody><tr><td>Product</td><td>Version</td><td>iFix</td><td>Remediation / First Fix</td></tr><tr><td>IBM Jazz Reporting Service</td><td>7.1</td><td>7.1iFix007</td><td><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Engineering&amp;product=ibm/Rational/IBM+Engineering+Lifecycle+Management&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=7.1-IBM-ELM-iFix007&amp;includeRequisites=0&amp;includeSupersedes=0&amp;downloadMethod=ddp&amp;login=true\">Fix Central - 7.1</a></td></tr><tr><td>IBM Jazz Reporting Service</td><td>7.0.3</td><td>7.0.3iFix021</td><td><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=7.0.3-IBM-ELM-iFix021&amp;continue=1\">Fix Central - 7.0.3</a></td></tr></tbody></table></div><br><br>"}], "value": "IBM strongly recommends addressing the vulnerability now by applying the iFix listed below:\n\nProductVersioniFixRemediation / First FixIBM Jazz Reporting Service7.17.1iFix007 Fix Central - 7.1 https://www.ibm.com/support/fixcentral/swg/downloadFixes IBM Jazz Reporting Service7.0.37.0.3iFix021 Fix Central - 7.0.3 https://www.ibm.com/support/fixcentral/swg/doSelectFixes"}], "source": {"discovery": "UNKNOWN"}, "title": "IBM Jazz Reporting Service Denial of Service", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-05T14:20:10.556705Z", "id": "CVE-2025-1823", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-05T14:32:02.968Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-1823", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-05T14:20:10.556705Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-05T14:20:11.255Z"}}], "cna": {"title": "IBM Jazz Reporting Service Denial of Service", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:iFix020:*:*:*:*:*:*", "cpe:2.3:a:ibm:jazz_reporting_service:7.1:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:jazz_reporting_service:7.1:iFix006:*:*:*:*:*:*"], "vendor": "IBM", "product": "Jazz Reporting Service", "versions": [{"status": "affected", "version": "7.1", "versionType": "semver", "lessThanOrEqual": "7.1iFix006"}, {"status": "affected", "version": "7.0.3", "versionType": "semver", "lessThanOrEqual": "7.0.3iFix020"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "IBM strongly recommends addressing the vulnerability now by applying the iFix listed below:\n\nProductVersioniFixRemediation / First FixIBM Jazz Reporting Service7.17.1iFix007 Fix Central - 7.1 https://www.ibm.com/support/fixcentral/swg/downloadFixes IBM Jazz Reporting Service7.0.37.0.3iFix021 Fix Central - 7.0.3 https://www.ibm.com/support/fixcentral/swg/doSelectFixes", "supportingMedia": [{"type": "text/html", "value": "<p>IBM strongly recommends addressing the vulnerability now by applying the iFix listed below:</p><div><table><tbody><tr><td>Product</td><td>Version</td><td>iFix</td><td>Remediation / First Fix</td></tr><tr><td>IBM Jazz Reporting Service</td><td>7.1</td><td>7.1iFix007</td><td><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Engineering&amp;product=ibm/Rational/IBM+Engineering+Lifecycle+Management&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=7.1-IBM-ELM-iFix007&amp;includeRequisites=0&amp;includeSupersedes=0&amp;downloadMethod=ddp&amp;login=true\">Fix Central - 7.1</a></td></tr><tr><td>IBM Jazz Reporting Service</td><td>7.0.3</td><td>7.0.3iFix021</td><td><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=7.0.3-IBM-ELM-iFix021&amp;continue=1\">Fix Central - 7.0.3</a></td></tr></tbody></table></div><br><br>", "base64": false}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7258083", "tags": ["vendor-advisory", "patch"]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "IBM Jazz Reporting Service could allow an authenticated user on the host network to cause a denial of service using specially crafted SQL query that consumes excess memory resources.", "supportingMedia": [{"type": "text/html", "value": "IBM Jazz Reporting Service could allow an authenticated user on the host network to cause a denial of service using specially crafted SQL query that consumes excess memory resources. <br><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-02-04T21:09:35.449Z"}}}, "cveMetadata": {"cveId": "CVE-2025-1823", "state": "PUBLISHED", "dateUpdated": "2026-02-05T14:32:02.968Z", "dateReserved": "2025-03-01T14:39:33.891Z", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "datePublished": "2026-02-04T21:07:17.979Z", "assignerShortName": "ibm"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:-:*:*:*:*:*:*", "matchCriteriaId": "52DB2DB9-9B77-4C4B-9DE0-A63470EF403B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix001:*:*:*:*:*:*", "matchCriteriaId": "7610AB05-B5A4-4DEF-990F-C122DE86E7DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix002:*:*:*:*:*:*", "matchCriteriaId": "1251E494-5AB1-41DC-BA54-CE94A659D48D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix003:*:*:*:*:*:*", "matchCriteriaId": "516A6B73-FD17-4FE5-90E5-D3C2490788EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix004:*:*:*:*:*:*", "matchCriteriaId": "B61829E5-DE06-4E37-813A-95A85B929D13", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix005:*:*:*:*:*:*", "matchCriteriaId": "D9EEA9B8-F9EE-491D-9F2E-80806DE9A8A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix006:*:*:*:*:*:*", "matchCriteriaId": "B20EA3B5-C424-43E3-AAF9-D589366DE0EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix007:*:*:*:*:*:*", "matchCriteriaId": "9297B12E-DD6C-4A73-B817-A195D170B6E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix008:*:*:*:*:*:*", "matchCriteriaId": "EE8BABE5-5784-441F-8528-5DDBAC9BCFD3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix009:*:*:*:*:*:*", "matchCriteriaId": "F058338F-98EA-494F-A935-5D1C72780938", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix010:*:*:*:*:*:*", "matchCriteriaId": "F446F067-E2A5-4E20-AF36-C554136C976F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix011:*:*:*:*:*:*", "matchCriteriaId": "5F623911-7423-4B29-8CFA-7DB33A2DCAD0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix012:*:*:*:*:*:*", "matchCriteriaId": "7F3D47AF-D548-405E-89A4-1CC15A154206", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix013:*:*:*:*:*:*", "matchCriteriaId": "06AF1353-CB81-40AC-BF91-48C4EAB9C40C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix014:*:*:*:*:*:*", "matchCriteriaId": "0D8B33D4-0865-4DD7-B0DF-70E9C7E3C7F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix015:*:*:*:*:*:*", "matchCriteriaId": "0ADA3F30-6FFD-4691-9A8F-FF0802CB2DD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix016:*:*:*:*:*:*", "matchCriteriaId": "B64EFFC3-871E-443B-953B-3A3FF79EBDA8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix017:*:*:*:*:*:*", "matchCriteriaId": "44A34BD4-F7F9-4DFE-97F2-3DA871977717", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix018:*:*:*:*:*:*", "matchCriteriaId": "C4BFC842-32B8-446E-A8C6-537BCA5F4F11", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix019:*:*:*:*:*:*", "matchCriteriaId": "4EEA0180-7487-4CEB-8202-A4C2ABF3900B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:ifix020:*:*:*:*:*:*", "matchCriteriaId": "DE496A55-5B57-4E7C-B6BE-8972246717EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.1:-:*:*:*:*:*:*", "matchCriteriaId": "85E3420F-9EF2-4BD7-99B4-A6A82A5F5F25", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.1:ifix001:*:*:*:*:*:*", "matchCriteriaId": "5BF0C76B-999C-43FE-8431-EDB31F278495", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.1:ifix002:*:*:*:*:*:*", "matchCriteriaId": "4D9B24C9-73F3-4C1F-8489-C9313E66AC54", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.1:ifix003:*:*:*:*:*:*", "matchCriteriaId": "8EBCD454-F003-4AC4-8964-CC5CD8F546F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.1:ifix004-sr1-base:*:*:*:*:*:*", "matchCriteriaId": "BCBBA62C-D8DE-4EDB-91D8-BA8675C7E189", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.1:ifix005:*:*:*:*:*:*", "matchCriteriaId": "D08EE602-376E-4235-81A9-BD96052895CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:jazz_reporting_service:7.1:ifix006:*:*:*:*:*:*", "matchCriteriaId": "2BFA910A-F039-44A8-8E0D-2C3A190BD532", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM Jazz Reporting Service could allow an authenticated user on the host network to cause a denial of service using specially crafted SQL query that consumes excess memory resources."}], "id": "CVE-2025-1823", "lastModified": "2026-02-12T19:41:38.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 1.4, "source": "psirt@us.ibm.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-02-04T21:15:57.593", "references": [{"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "https://www.ibm.com/support/pages/node/7258083"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "psirt@us.ibm.com", "type": "Primary"}]}

{}

{}