XML External Entity Injection Vulnerability in IBM Cognos Analytics
CVE-2024-49352
7.1HIGH
What is CVE-2024-49352?
IBM Cognos Analytics is susceptible to an XML External Entity Injection attack, allowing a remote adversary to manipulate XML data processing. By exploiting this vulnerability, attackers could access sensitive information or deplete system resources, potentially leading to significant operational disruptions.
Affected Version(s)
Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, 12.0.4