CVE-2024-25047

Sažetak

IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.2 is vulnerable to injection attacks in application logging by not sanitizing user provided data. This could lead to further attacks against the system. IBM X-Force ID: 282956.

Reference

https://exchange.xforce.ibmcloud.com/vulnerabilities/282956
https://security.netapp.com/advisory/ntap-20240621-0007/
https://www.ibm.com/support/pages/node/7149874
https://exchange.xforce.ibmcloud.com/vulnerabilities/282956
https://security.netapp.com/advisory/ntap-20240621-0007/
https://www.ibm.com/support/pages/node/7149874

CVSS

Base:	8.6
Impact:	4.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	HIGH	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

Zadnje važnije ažuriranje

02-07-2025 - 15:41

Objavljeno

02-05-2024 - 21:16