CVE-2024-40702

Published Jan 7, 2025

Last updated 2 months ago

CVSS high 8.2

Overview

Description
IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow an unauthorized user to obtain valid tokens to gain access to protected resources due to improper certificate validation.
Source
psirt@us.ibm.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Primary
Base score
8.2
Impact score
4.2
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Severity
HIGH

Weaknesses

psirt@us.ibm.com
CWE-295

Social media

Hype score
Not currently trending

  1. CVE-2024-40702 IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow an unauthorized user to obtain valid tokens to gain access to protected resources du… https://t.co/Ld9sFoj9Pk

    @CVEnew

    7 Jan 2025

    294 Impressions

    1 Retweet

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

References