- Description
- IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 is vulnerable to an Expression Language (EL) Injection vulnerability. A remote attacker could exploit this vulnerability to expose sensitive information, consume memory resources, and/or cause the server to crash when using a specially crafted EL statement.
- Source
- psirt@us.ibm.com
- NVD status
- Received
CVSS 3.1
- Type
- Primary
- Base score
- 9
- Impact score
- 6
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- psirt@us.ibm.com
- CWE-917
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
#Vulnerability #CognosAnalytics CVE-2024-51466 (CVSS 9.0): Critical Vulnerability Found in IBM Cognos Analytics https://t.co/qm34iWVUif
@Komodosec
24 Dec 2024
111 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Threat Alert: CVE-2024-51466 (CVSS 9.0): Critical Vulnerability Found in IBM Cognos Analytics CVE-2024-51466 CVE-2024-40695 Severity: ⚠️ Critical Maturity: 💢 Emerging Learn more: https://t.co/mF7sh386YW #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
24 Dec 2024
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
IBM Cognos Analyticsに重大な脆弱性(CVE-2024-51466)が発見され、ELインジェクションによりリモートコード実行やサーバークラッシュのリスクがある。影響を受けるバージョンは12.0.0〜12.0.4および11.2.0〜11.2.4 FP4。IBMはアップデートを推奨。 https://t.co/HwFvPLTeoH
@01ra66it
22 Dec 2024
282 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 IBM Cognos Analytics Vulnerabilities Disclosed! https://t.co/Oyvb7bYtpy 🔍 Critical flaws (CVE-2024-51466 & CVE-2024-40695) identified in Cognos Analytics software threaten sensitive data and system integrity. 💡 Affected versions: 12.0.0 - 12.0.4 & 11.2.0 - 11.2.4
@GHak2learn27752
22 Dec 2024
151 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-51466 (CVSS 9.0): Critical Vulnerability Found in IBM Cognos Analytics https://t.co/wjqVJiIf7K
@Dinosn
22 Dec 2024
2094 Impressions
1 Retweet
5 Likes
3 Bookmarks
0 Replies
0 Quotes
🗣 CVE-2024-51466 (CVSS 9.0): Critical Vulnerability Found in IBM Cognos Analytics https://t.co/dA03MPugxB
@fridaysecurity
22 Dec 2024
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-51466 (CVSS 9.0): Critical Vulnerability Found in IBM Cognos Analytics Learn about the severe vulnerabilities in IBM Cognos Analytics platform (CVE-2024-51466 and CVE-2024-40695) and how to mitigate the risks. https://t.co/FK72QattTT
@the_yellow_fall
22 Dec 2024
338 Impressions
2 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-51466 Expression Language Injection in IBM Cognos Analytics Exploitable Vulnerability: IBM Cognos Analytics versions 11.2.0 to 11.2.4 FP4 and 12.0.0 to 12.0.4 have an Expression Language (EL) Injection v... https://t.co/iyXGn9FW75
@VulmonFeeds
20 Dec 2024
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-51466: CRITICAL] IBM Cognos Analytics versions 11.2.0 to 11.2.4 FP4 and 12.0.0 to 12.0.4 are vulnerable to an Expression Language (EL) Injection flaw, allowing remote attackers to access sensitive data ...#cybersecurity,#vulnerability https://t.co/ZMZxgMuoOd https://t.c
@CveFindCom
20 Dec 2024
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-51466 IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 is vulnerable to an Expression Language (EL) Injection vulnerability. A remote attacker co… https://t.co/LHiJ7o0HUn
@CVEnew
20 Dec 2024
353 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes