CVE-2024-45082 IBM Cognos Analytics HTTP open redirection

🗓️ 18 Dec 2024 16:15:12Reported by ibmType

IBM Cognos Analytics can be exploited for open redirection, allowing phishing attacks remotely.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2024-45082	18 Dec 202416:19	–	circl
CNNVD	IBM Cognos Analytics 输入验证错误漏洞	18 Dec 202400:00	–	cnnvd
CNVD	IBM Cognos Analytics Input Validation Error Vulnerability (CNVD-2025-00307)	25 Dec 202400:00	–	cnvd
CVE	CVE-2024-45082	18 Dec 202416:15	–	cve
EUVD	EUVD-2024-41366	3 Oct 202520:07	–	euvd
NVD	CVE-2024-45082	18 Dec 202417:15	–	nvd
Positive Technologies	PT-2024-31422 · Ibm · Ibm Cognos Analytics	18 Dec 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-45082	23 May 202506:26	–	redhatcve
Vulnrichment	CVE-2024-45082 IBM Cognos Analytics HTTP open redirection	18 Dec 202416:15	–	vulnrichment

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:cognos_analytics:11.2.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cognos_analytics:11.2.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cognos_analytics:11.2.2:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cognos_analytics:11.2.3:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cognos_analytics:11.2.4:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cognos_analytics:12.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cognos_analytics:12.0.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cognos_analytics:12.0.2:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cognos_analytics:12.0.3:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Cognos Analytics",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "11.2.4",
        "status": "affected",
        "version": "11.2.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "12.0.3",
        "status": "affected",
        "version": "12.0.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7177223

18 Dec 2024 16:15Current

CVSS 3.16.8

EPSS0.0023

CWE-601