Input Field Bypass in IBM Cognos Controller Versions 11.0.0 and 11.0.1
CVE-2024-25036
3.3LOW
Summary
A security vulnerability in IBM Cognos Controller versions 11.0.0 and 11.0.1 allows an authenticated user with local access to bypass security controls, enabling the circumvention of restrictions placed on input fields. This flaw poses a risk of unauthorized access to sensitive functionalities without proper validation. Users of these versions should review their security configurations and apply necessary mitigations.
References
CVSS V3.1
Score:
3.3
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published