← back
CVE-2024-25035

IBM Cognos Controller information disclosure

CVSS 5.3 MEDIUMEPSS 0.3%CWE-497
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.3EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
03 Dec 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Cognos Controller 11.0.0 and 11.0.1 exposes server details that could allow an attacker to obtain information of the application environment to conduct further attacks.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected products
IBM · Cognos Controller

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.ibm.com/support/pages/node/7177220