Security Advisory

CVE-2024-25020

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-12-03 17:12:31

Last updated 2024-12-03 17:55:03

Assigner ibm

State PUBLISHED

Description

IBM Cognos Controller 11.0.0 and 11.0.1 is vulnerable to malicious file upload by allowing unrestricted filetype attachments in the Journal entry page. Attackers can make use of this weakness and upload malicious executable files into the system and can be sent to victims for performing further attacks.

← Browse all CVEs View on cve.org ↗