CVE-2026-5065 - Vulnerability Details - OpenCVE

IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Ibm	Controller

No data.

No data.

No data.

References

Link	Providers
https://www.ibm.com/support/pages/node/7273004

History

Wed, 27 May 2026 14:15:00 +0000

Type	Values Removed	Values Added
Description		IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
Title		IBM Controller is affected by vulnerabilities
First Time appeared		Ibm Ibm controller
Weaknesses		CWE-798
CPEs		cpe:2.3:a:ibm:controller:11.0.1:::::::* cpe:2.3:a:ibm:controller:11.1.0:::::::* cpe:2.3:a:ibm:controller:11.1.1:::::::* cpe:2.3:a:ibm:controller:11.1.2:::::::*
Vendors & Products		Ibm Ibm controller
References		https://www.ibm.com/support/pages/node/7273004
Metrics		cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2026-05-27T12:56:54.827Z

Updated: 2026-05-27T12:56:54.827Z

Reserved: 2026-03-27T21:12:55.757Z

Link: CVE-2026-5065

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-27T14:17:33.947

Modified: 2026-05-27T14:53:51.833

Link: CVE-2026-5065

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5065", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2026-03-27T21:12:55.757Z", "datePublished": "2026-05-27T12:56:54.827Z", "dateUpdated": "2026-05-27T12:56:54.827Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-05-27T12:56:54.827Z"}, "title": "IBM Controller is affected by vulnerabilities", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "type": "CWE"}]}], "affected": [{"vendor": "IBM", "product": "Controller", "versions": [{"status": "affected", "version": "11.0.1", "lessThanOrEqual": "26.0.0.5", "versionType": "semver"}, {"status": "affected", "version": "11.1.0"}, {"status": "affected", "version": "11.1.1"}, {"status": "affected", "version": "11.1.2"}], "cpes": ["cpe:2.3:a:ibm:controller:11.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:controller:11.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:controller:11.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:controller:11.1.2:*:*:*:*:*:*:*"]}], "descriptions": [{"lang": "en", "value": "IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.</p>"}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7273004", "tags": ["vendor-advisory", "patch"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "solutions": [{"lang": "en", "value": "It is strongly recommended that you apply the most recent security updates:\n\n\n\n\n\n\n\nAffected Product(s)Version(s)FixIBM Controller11.0.1 - 11.1.2 https://www.ibm.com/mysupport.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<div><div><div><div>It is strongly recommended that you apply the most recent security updates:</div></div></div></div><div><table><tbody><tr><td><strong>Affected Product(s)</strong></td><td><strong>Version(s)</strong></td><td><strong>Fix</strong></td></tr><tr><td>IBM Controller</td><td>11.0.1 - 11.1.2</td><td><a href=\"https://www.ibm.com/software/passportadvantage/pao-customer\" rel=\"nofollow\">Download IBM Controller 11.1.3 from Passport Advantage</a></td></tr></tbody></table></div><p><br>IBM Controller 11.1.3 are available for Cloud deployments. To schedule an upgrade to this release for either your non-production or production environment, log a support case at <a href=\"https://www.ibm.com/mysupport.\" rel=\"nofollow\">https://www.ibm.com/mysupport.</a></p>"}]}], "x_generator": {"engine": "ibm-cvegen"}}}}