Authorization Flaw in IBM Cognos Controller and IBM Controller
CVE-2024-45081

6.5MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
19 February 2025

Summary

The vulnerability in IBM Cognos Controller and IBM Controller arises from improper authorization checks which could allow authenticated users to alter restricted content. This oversight has the potential to lead to significant data integrity issues and poses a risk to sensitive information management within the affected software versions.

Affected Version(s)

Cognos Controller 11.0.0 <= 11.0.1

Controller 11.1.0

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.