CVE-2024-25036
IBM Cognos Controller authentication bypass
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.3EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
03 Dec 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Cognos Controller 11.0.0 and 11.0.1
could allow an authenticated user with local access to bypass security allowing users to circumvent restrictions imposed on input fields.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Affected products
IBM · Cognos ControllerWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →