CVE-2024-45081
IBM Cognos Controller incorrect authorization
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.5EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
19 Feb 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0
could allow an authenticated user to modify restricted content due to incorrect authorization checks.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N