IBM Jazz Reporting Service DoS via query resource exhaustion
CVE-2025-2134 Published on February 4, 2026

IBM Jazz Reporting Service Denial of Service
IBM Jazz Reporting Service could allow an authenticated user on the network to affect the system's performance using complicated queries due to insufficient resource pooling.

Vendor Advisory NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

NONE

Availability Impact:

LOW

Weakness Type

Insufficient Resource Pool

The software's resource pool is not large enough to handle peak demand, which allows an attacker to prevent others from accessing the resource by using a (relatively) large number of requests for resources. Frequently the consequence is a "flood" of connection or sessions.

Products Associated with CVE-2025-2134

Want to know whenever a new CVE is published for IBM Jazz Reporting Service? stack.watch will email you.

IBM Jazz Reporting Service

Affected Versions

IBM Jazz Reporting Service:

Version 7.1, <= 7.1iFix006 is affected.
Version 7.0.3, <= 7.0.3iFix020 is affected.

Exploit Probability

EPSS

0.04%

Percentile

10.76%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

IBM Jazz Reporting Service DoS via query resource exhaustionCVE-2025-2134 Published on February 4, 2026

Vulnerability Analysis

Weakness Type

Insufficient Resource Pool

Products Associated with CVE-2025-2134

Affected Versions

Exploit Probability

IBM Jazz Reporting Service DoS via query resource exhaustion
CVE-2025-2134 Published on February 4, 2026