Vulnerability in Ibm Cognos Analytics
CVE-2024-25047
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.2 is vulnerable to injection attacks in application logging by not sanitizing user provided data. This could lead to further attacks against the system. IBM X-Force ID: 2…
EPSS: 0.001 (18.0th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.6 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N.
Affected products
- Ibm Cognos Analytics — versions 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2024-25047?
- CVE-2024-25047 is a high-severity vulnerability in Ibm Cognos Analytics, classified under Improper Output Neutralization for Logs. CVSS score: 8.6/10. Published 2024-05-02.
- How severe is CVE-2024-25047?
- High severity. CVSS v3 base score is 8.6 out of 10.