CVE-2024-56340

Medium CVSS: 6.5

IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 is vulnerable to local file inclusion vulnerability, allowing an attacker to access sensitive files by inserting path traversal payloads inside the deficon parameter.

Vendor

Ibm

Product

Cognos Analytics

CWE

CWE-23

Yayın Tarihi

2025-02-28 03:15:10

Güncelleme

2025-10-17 16:15:36

Source Identifier

psirt@us.ibm.com

KEV Date Added

Kategoriler

CWE-23 Cognos Analytics MEDIUM Ibm 2025

Referanslar

https://www.ibm.com/support/pages/node/7183676 https://github.com/MarioTesoro/vulnerability-research/tree/main/CVE-2024-56340

Benzer Kayıtlar

Medium

CVE-2026-1243

IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authe…

Low

CVE-2025-66487

IBM Aspera Shares 1.9.9 through 1.11.0 does not properly rate limit the frequency that an authenticated user can send em…

Medium

CVE-2025-66486

IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML co…

Medium

CVE-2025-66485

IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTTP header injection, caused by improper validation of input by…

Medium

CVE-2025-66484

IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to…

Medium

CVE-2025-66483

IBM Aspera Shares 1.9.9 through 1.11.0 does not invalidate session after a password reset which could allow an authentic…