CVE-2024-45081

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 could allow an authenticated user to modify restricted content due to incorrect authorization checks.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.ibm.com/support/pages/node/7183597	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:ibm:cognos_controller::::::::
	cpe:2.3:a:ibm:controller:11.1.0:::::::*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

25 Jul 2025, 20:28

Type	Values Removed	Values Added
References	~~() https://www.ibm.com/support/pages/node/7183597 -~~	() https://www.ibm.com/support/pages/node/7183597 - Vendor Advisory
First Time		Microsoft windows Ibm controller Ibm Ibm cognos Controller Microsoft
CPE		cpe:2.3:o:microsoft:windows:-:::::::* cpe:2.3:a:ibm:cognos_controller:::::::: cpe:2.3:a:ibm:controller:11.1.0:::::::*
Summary		(es) IBM Cognos Controller 11.0.0 a 11.0.1 FP3 e IBM Controller 11.1.0 podrían permitir que un usuario autenticado modifique contenido restringido debido a verificaciones de autorización incorrectas.

19 Feb 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-02-19 16:15

Updated : 2025-07-25 20:28

NVD link : CVE-2024-45081

Mitre link : CVE-2024-45081

CVE.ORG link : CVE-2024-45081

JSON object : View

Products Affected

ibm

cognos_controller
controller

microsoft

windows

CWE

CWE-863

Incorrect Authorization

6.5 /10