CVE-2024-28780

Summary

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 Rich Client 

uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

Affected Software

VendorProductVersion RangeStatus
IBMCognos Controller11.0.0 <= 11.0.1affected
IBMController11.1.0affected

Weaknesses

  • CWE-327: CWE-327 Use of a Broken or Risky Cryptographic Algorithm

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References