CVE-2024-45676

Summary

IBM Cognos Controller 11.0.0 and 11.0.1

could allow an authenticated user to upload insecure files, due to insufficient file type distinction.

Affected Software

VendorProductVersion RangeStatus
IBMCognos Controller11.0.0, 11.0.1affected

Weaknesses

  • CWE-351: CWE-351 Insufficient Type Distinction

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References