CVE-2024-40691

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 3, 2024
Updated: Dec 11, 2024
CWE ID 434

Summary

CVE-2024-40691 is a vulnerability affecting IBM Cognos Controller versions 11.0.0 and 11.0.1. This issue allows attackers to upload malicious files to the system through the web interface without proper validation, increasing the risk of executable files being introduced into the system. Attackers can exploit this vulnerability by uploading malicious files, which could potentially be sent to victims for further attacks. This weakness exposes organizations using the IBM Cognos Controller to potential security risks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share