Cognos Command Center Exposes Sensitive User Information

CVE-2024-31899

4.3MEDIUM

Key Information

Vendor: IBM
Status: Cognos Command Center
Vendor: CVE Published:; 26 September 2024

Summary

IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to an authenticated user with physical access to the device.

Affected Version(s)

Cognos Command Center = 10.2.4.1, 10.2.5

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Sep 26, 2024
Vulnerability Reserved.
Apr 7, 2024

Collectors

NVD DatabaseMitre Database