CVE-2024-40691
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Dec 3, 2024
Updated: Dec 11, 2024
CWE ID 434
Summary
CVE-2024-40691 is a vulnerability affecting IBM Cognos Controller versions 11.0.0 and 11.0.1. This issue allows attackers to upload malicious files to the system through the web interface without proper validation, increasing the risk of executable files being introduced into the system. Attackers can exploit this vulnerability by uploading malicious files, which could potentially be sent to victims for further attacks. This weakness exposes organizations using the IBM Cognos Controller to potential security risks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share