CVE-2025-27550

Summary

IBM Jazz Reporting Service could allow an authenticated user on the host network to obtain sensitive information about other projects that reside on the server.

Affected Software

VendorProductVersion RangeStatus
IBMJazz Reporting Service7.1 <= 7.1iFix006affected
IBMJazz Reporting Service7.0.3 <= 7.0.3iFix020affected

Weaknesses

  • CWE-497: CWE-497

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References