CVE-2025-33111

Name of the Vulnerable Software and Affected Versions IBM Controller versions 11.1.0 through 11.1.1 IBM Cognos Controller versions 11.0.0 through 11.0.1 FP6

Description The software is susceptible to a race condition during the creation of temporary files without utilizing atomic operations. This can potentially expose sensitive information to an authenticated user. The issue involves the insecure handling of temporary file creation, which could allow an attacker to exploit a timing window to access or modify these files.

Recommendations Update IBM Controller to a version later than 11.1.1. Update IBM Cognos Controller to a version later than 11.0.1 FP6.