MEDIUM🇵🇱 Wersja polska

CVE-2024-45676

CVSS 4.3v3.1pub. 2024-12-03upd. 2024-12-11

IBM Cognos Controller 11.0.0 and 11.0.1 could allow an authenticated user to upload insecure files, due to insufficient file type distinction.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  • IBM Cognos Controller

    APP
    Ibm
    11.0.011.0.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2020-4877CRITICAL9.8ten sam produkt

IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could be vulnerable to unauthorized modifications by using pu...

CVE-2020-4879CRITICAL9.8ten sam produkt

IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could allow a remote attacker to bypass security restrictions...

CVE-2024-28777HIGH8.8ten sam produkt

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to unrestricted de...

CVE-2023-47160HIGH8.2ten sam produkt

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to an XML Extern...

CVE-2024-45084HIGH8.0ten sam produkt

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 could allow an authenticated attac...