Primary

Context

IBM Integrated Analytics System File Upload Vulnerability Allowing Execution of Malicious Files

Vulnerability

A vulnerability exists in IBM Integrated Analytics System versions 1.0.0.0 prior to 1.0.30.0, allowing authenticated users to upload files of dangerous types that could be executed by other users upon opening. This issue arises from inadequate validation of file types, enabling the upload of malicious or improperly formatted files that could be executed as content by another user.

Impact

Exploitation of this vulnerability could lead to the execution of malicious files uploaded by an authenticated user, potentially allowing for unauthorized actions or access within the application.

Remediation

Users can upgrade to IBM Integrated Analytics System version 1.0.31.0-WebConsole-Special-Build-IM-IIAS-fp349. Instructions for deploying this special build are available in the IBM Documentation.

Added: Aug 24, 2025, 2:19 AM

Updated: Aug 24, 2025, 2:19 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.0

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.0

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Integrated Analytics System File Upload Vulnerability Allowing Execution of Malicious Files

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating