CVE-2024-51466

Published Dec 20, 2024

Last updated 5 days ago

Overview

Description
IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 is vulnerable to an Expression Language (EL) Injection vulnerability. A remote attacker could exploit this vulnerability to expose sensitive information, consume memory resources, and/or cause the server to crash when using a specially crafted EL statement.
Source
psirt@us.ibm.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Primary
Base score
9
Impact score
6
Exploitability score
2.2
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

psirt@us.ibm.com
CWE-917

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

1

  1. #Vulnerability #CognosAnalytics CVE-2024-51466 (CVSS 9.0): Critical Vulnerability Found in IBM Cognos Analytics https://t.co/qm34iWVUif

    @Komodosec

    24 Dec 2024

    111 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Threat Alert: CVE-2024-51466 (CVSS 9.0): Critical Vulnerability Found in IBM Cognos Analytics CVE-2024-51466 CVE-2024-40695 Severity: ⚠️ Critical Maturity: 💢 Emerging Learn more: https://t.co/mF7sh386YW #CyberSecurity #ThreatIntel #InfoSec

    @fletch_ai

    24 Dec 2024

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. IBM Cognos Analyticsに重大な脆弱性(CVE-2024-51466)が発見され、ELインジェクションによりリモートコード実行やサーバークラッシュのリスクがある。影響を受けるバージョンは12.0.0〜12.0.4および11.2.0〜11.2.4 FP4。IBMはアップデートを推奨。 https://t.co/HwFvPLTeoH

    @01ra66it

    22 Dec 2024

    282 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨 IBM Cognos Analytics Vulnerabilities Disclosed! https://t.co/Oyvb7bYtpy 🔍 Critical flaws (CVE-2024-51466 & CVE-2024-40695) identified in Cognos Analytics software threaten sensitive data and system integrity. 💡 Affected versions: 12.0.0 - 12.0.4 & 11.2.0 - 11.2.4

    @GHak2learn27752

    22 Dec 2024

    151 Impressions

    0 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2024-51466 (CVSS 9.0): Critical Vulnerability Found in IBM Cognos Analytics https://t.co/wjqVJiIf7K

    @Dinosn

    22 Dec 2024

    2094 Impressions

    1 Retweet

    5 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  6. 🗣 CVE-2024-51466 (CVSS 9.0): Critical Vulnerability Found in IBM Cognos Analytics https://t.co/dA03MPugxB

    @fridaysecurity

    22 Dec 2024

    76 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. CVE-2024-51466 (CVSS 9.0): Critical Vulnerability Found in IBM Cognos Analytics Learn about the severe vulnerabilities in IBM Cognos Analytics platform (CVE-2024-51466 and CVE-2024-40695) and how to mitigate the risks. https://t.co/FK72QattTT

    @the_yellow_fall

    22 Dec 2024

    338 Impressions

    2 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. CVE-2024-51466 Expression Language Injection in IBM Cognos Analytics Exploitable Vulnerability: IBM Cognos Analytics versions 11.2.0 to 11.2.4 FP4 and 12.0.0 to 12.0.4 have an Expression Language (EL) Injection v... https://t.co/iyXGn9FW75

    @VulmonFeeds

    20 Dec 2024

    43 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. [CVE-2024-51466: CRITICAL] IBM Cognos Analytics versions 11.2.0 to 11.2.4 FP4 and 12.0.0 to 12.0.4 are vulnerable to an Expression Language (EL) Injection flaw, allowing remote attackers to access sensitive data ...#cybersecurity,#vulnerability https://t.co/ZMZxgMuoOd https://t.c

    @CveFindCom

    20 Dec 2024

    49 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. CVE-2024-51466 IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 is vulnerable to an Expression Language (EL) Injection vulnerability. A remote attacker co… https://t.co/LHiJ7o0HUn

    @CVEnew

    20 Dec 2024

    353 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes