Vulnerability Database

290,206

Total vulnerabilities in the database

CVE-2024-56340

IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 is vulnerable to local file inclusion vulnerability, allowing an attacker to access sensitive files by inserting path traversal payloads inside the deficon parameter.

  • Published: Feb 28, 2025
  • Updated: May 4, 2025
  • CVE: CVE-2024-56340
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

Software From Fixed in
ibm / cognos_analytics 11.2.4-fixpack1 11.2.4-fixpack1.x
ibm / cognos_analytics 11.2.4 11.2.4.x
ibm / cognos_analytics 11.2.0 11.2.4
ibm / cognos_analytics 11.2.4-fixpack2 11.2.4-fixpack2.x
ibm / cognos_analytics 11.2.4-fixpack3 11.2.4-fixpack3.x
ibm / cognos_analytics 12.0.0 12.0.4
ibm / cognos_analytics 11.2.4-fixpack4 11.2.4-fixpack4.x
ibm / cognos_analytics 11.2.4-fixpack5 11.2.4-fixpack5.x
ibm / cognos_analytics 12.0.4 12.0.4.x
ibm / cognos_analytics 12.0.4-interim_fix_1 12.0.4-interim_fix_1.x