CVE-2024-28778

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 is vulnerable to exposure of Artifactory API keys. This vulnerability allows users to publish code to private packages or repositories under the name of the organization.

Published: Jan 7, 2025
Updated: May 4, 2025
CVE: CVE-2024-28778
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-798

Affected Software
References

Software	From	Fixed in
ibm / cognos_controller	11.0.0	11.0.1.x
ibm / controller	11.1.0	11.1.0.x

https://www.ibm.com/support/pages/node/7179163

Vulnerability Database

290,206

CVE-2024-28778