Authorization Flaw in IBM Cognos Controller and IBM Controller
CVE-2024-45081
6.5MEDIUM
Summary
The vulnerability in IBM Cognos Controller and IBM Controller arises from improper authorization checks which could allow authenticated users to alter restricted content. This oversight has the potential to lead to significant data integrity issues and poses a risk to sensitive information management within the affected software versions.
Affected Version(s)
Cognos Controller 11.0.0 <= 11.0.1
Controller 11.1.0
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved