CVE-2024-28778

Published Jan 7, 2025

Last updated 2 months ago

CVSS medium 6.5

Overview

Description: IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 is vulnerable to exposure of Artifactory API keys. This vulnerability allows users to publish code to private packages or repositories under the name of the organization.
Source: psirt@us.ibm.com
NVD status: Received

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.5
Impact score: 3.6
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

Weaknesses

psirt@us.ibm.com: CWE-798

Hype score: Not currently trending

CVE-2024-28778 IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 is vulnerable to exposure of Artifactory API keys. This vulnerability allows users to publish co… https://t.co/lUvVMHB3DJ
@CVEnew
7 Jan 2025
328 Impressions
1 Retweet
1 Like
1 Bookmark
0 Replies
0 Quotes

References