CVE-2024-41739
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2024-41739 is a newly disclosed vulnerability affecting IBM Cognos Dashboards 4.0.7 and 5.0.0 on Cloud Pak for Data. This issue stems from dependency confusion, allowing a remote attacker to execute unauthorized actions. The attacker can potentially exploit this weakness by tricking the system into loading a malicious library, taking advantage of the dashboard's dependency resolution mechanism. This vulnerability poses a serious risk, as it enables unauthenticated attackers to potentially gain control over the system and execute malicious code. Organizations using the affected versions of IBM Cognos Dashboards on Cloud Pak for Data are strongly advised to apply the available patches as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.