CVE-2024-51466 - CERT CVE
ID CVE-2024-51466
Sažetak IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 is vulnerable to an Expression Language (EL) Injection vulnerability. A remote attacker could exploit this vulnerability to expose sensitive information, consume memory resources, and/or cause the server to crash when using a specially crafted EL statement.
Reference
CVSS
Base: 9.0
Impact: 6.0
Exploitability:2.2
Pristup
VektorSloženostAutentikacija
NETWORK HIGH NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH HIGH
CVSS vektor CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Zadnje važnije ažuriranje 20-12-2024 - 14:15
Objavljeno 20-12-2024 - 14:15