CVE-2024-41776
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Summary
CVE-2024-41776 is a newly disclosed vulnerability affecting IBM Cognos Controller versions 11.0.0 and 11.0.1. The issue enables cross-site request forgery (CSRF), allowing an attacker to execute unauthorized actions on a website that trusts the victim. By tricking a user into visiting a malicious website or clicking a specially crafted link, the attacker can perform actions on behalf of that user, potentially leading to significant data loss or system compromise. IBM strongly recommends that users upgrade to a patched version as soon as possible to mitigate this risk.