IBM Jazz Reporting Service AuthenticateDDoS via MemoryExhausting SQL
CVE-2025-1823 Published on February 4, 2026
IBM Jazz Reporting Service Denial of Service
IBM Jazz Reporting Service could allow an authenticated user on the host network to cause a denial of service using specially crafted SQL query that consumes excess memory resources.
Vulnerability Analysis
Weakness Type
Allocation of Resources Without Limits or Throttling
The software allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.
Products Associated with CVE-2025-1823
Want to know whenever a new CVE is published for IBM Jazz Reporting Service? stack.watch will email you.
Affected Versions
IBM Jazz Reporting Service:- Version 7.1, <= 7.1iFix006 is affected.
- Version 7.0.3, <= 7.0.3iFix020 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.