CVE-2024-25047

IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.2 is vulnerable to injection attacks in application logging by not sanitizing user provided data. This could lead to further attacks against the system. IBM X-Force ID: 282956.

Published: May 2, 2024
Updated: May 3, 2024
CVE: CVE-2024-25047
Exploit:

No technical information available.

CWEs:

CWE-117

Affected Software
References

Software	From	Fixed in
ibm / cognos_analytics	11.2.4-fixpack1	11.2.4-fixpack1.x
ibm / cognos_analytics	11.2.4	11.2.4.x
ibm / cognos_analytics	11.2.0	11.2.4
ibm / cognos_analytics	12.0.0	12.0.3
ibm / cognos_analytics	11.2.4-fixpack2	11.2.4-fixpack2.x

https://exchange.xforce.ibmcloud.com/vulnerabilities/282956
https://security.netapp.com/advisory/ntap-20240621-0007/
https://www.ibm.com/support/pages/node/7149874

Vulnerability Database

290,206

CVE-2024-25047