CVE-2025-1823

Summary

IBM Jazz Reporting Service could allow an authenticated user on the host network to cause a denial of service using specially crafted SQL query that consumes excess memory resources.

Affected Software

VendorProductVersion RangeStatus
IBMJazz Reporting Service7.1 <= 7.1iFix006affected
IBMJazz Reporting Service7.0.3 <= 7.0.3iFix020affected

Weaknesses

  • CWE-770: CWE-770 Allocation of Resources Without Limits or Throttling

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References