CVE-2024-45081

MEDIUM

IBM Cognos Controller 11.0.0-11.0.1 FP3 & 11.1.0 - Privilege Escala...

Title source: llm
STIX 2.1

Description

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 could allow an authenticated user to modify restricted content due to incorrect authorization checks.

References (1)

Core 1
Core References
Vendor Advisory vendor-advisory patch
https://www.ibm.com/support/pages/node/7183597

Scores

CVSS v3 6.5
EPSS 0.0008
EPSS Percentile 24.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-863
Status published
Products (2)
ibm/cognos_controller 11.0.0 - 11.0.1.4
ibm/controller 11.1.0
Published Feb 19, 2025
Tracked Since Feb 18, 2026