← Voltar para CVEs
CVE-2024-52902
HIGH8.8
Descricao
IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 client application contains hard coded database passwords in source code which could be used for unauthorized access to the system.
Detalhes CVE
Pontuacao CVSS v3.18.8
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado2/19/2025
Ultima modificacao7/25/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
ibm:cognos_controlleribm:controllermicrosoft:windows
Fraquezas (CWE)
CWE-798
Referencias
https://www.ibm.com/support/pages/node/7183597(psirt@us.ibm.com)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.