CVE-2024-45081

CWE-863Incorrect Authorization3 documents3 sources
Severity
6.5MEDIUM
EPSS
0.1%
top 75.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Cognos ControllerIBM Controller
Timeline
PublishedFeb 19

Description

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 could allow an authenticated user to modify restricted content due to incorrect authorization checks.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

NVDibm/cognos_controller11.0.011.0.1.4
CVEListV5ibm/cognos_controller11.0.011.0.1
CVEListV5ibm/controller11.1.0
NVDibm/controller11.1.0

🔴Vulnerability Details

2
GHSA
GHSA-5372-pcfg-3593: IBM Cognos Controller 112025-02-19
CVEList
IBM Cognos Controller incorrect authorization2025-02-19
CVE-2024-45081 (MEDIUM CVSS 6.5) | IBM Cognos Controller 11.0.0 throug | cvebase.io