VYPR
Unrated severityNVD Advisory· Published Apr 2, 2025· Updated Feb 26, 2026

IBM Jazz Reporting Service insufficient session expiration

CVE-2024-25051

Description

IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated privileged user to impersonate another user on the system.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • IBM/Jazz Reporting Servicecpe-rescue2 versions
    cpe:2.3:a:ibm:jazz_reporting_service:7.0.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ibm:jazz_reporting_service:7.0.2:*:*:*:*:*:*:*range: 7.0.2
    • (no CPE)range: 7.0.2, 7.0.3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.