CVE-2024-31899

Summary

IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to an authenticated user with physical access to the device.

Affected Software

VendorProductVersion RangeStatus
IBMCognos Command Center10.2.4.1, 10.2.5affected

Weaknesses

  • CWE-256: CWE-256 Plaintext Storage of a Password

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References