IBM Cognos Controller 11.0.0 and 11.0.1 could allow an authenticated user to upload insecure files, due to insufficient file type distinction.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NIBM Cognos Controller
APPIbm11.0.011.0.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References
Related vulnerabilities
CVE-2020-4877CRITICAL9.8ten sam produkt
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could be vulnerable to unauthorized modifications by using pu...
CVE-2020-4879CRITICAL9.8ten sam produkt
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could allow a remote attacker to bypass security restrictions...
CVE-2024-28777HIGH8.8ten sam produkt
IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to unrestricted de...
CVE-2023-47160HIGH8.2ten sam produkt
IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to an XML Extern...
CVE-2024-45084HIGH8.0ten sam produkt
IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 could allow an authenticated attac...