Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/05/23 10:35 a.m.13 views

CVE-2024-40703

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and IBM Cognos Analytics Reports for iOS 11.0.0.7 could allow a local attacker to obtain sensitive information in the form of an API key. An attacker could use this information to launch further attacks...

5.5CVSS5.7AI score0.00142EPSS
Exploits0
ibm
ibm
added 2024/09/25 3:56 p.m.16 views

Security Bulletin: IBM Cognos Analytics Reports mobile client application (iOS) is vulnerable to unauthorized attacks due to an exposed API key (CVE-2024-40703)

Summary An exposed API key in IBM Cognos Analytics could allow an unauthorized attacker to send unsolicited push notification alerts to IBM Cognos Analytics Reports mobile client applications. IBM Cognos Analytics has addressed the applicable CVE by revoking the exposed API key. Revocation of thi...

5.5CVSS5.1AI score0.00142EPSS
Exploits0Affected Software2
vulnrichment
vulnrichment
added 2024/09/22 12:20 p.m.20 views

CVE-2024-40703 IBM Cognos Analytics information disclosure

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and IBM Cognos Analytics Reports for iOS 11.0.0.7 could allow a local attacker to obtain sensitive information in the form of an API key. An attacker could use this information to launch further attacks...

5.5CVSS5.7AI score0.00142EPSS
Exploits0References2
cvelist
cvelist
added 2024/09/22 12:20 p.m.36 views

CVE-2024-40703 IBM Cognos Analytics information disclosure

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and IBM Cognos Analytics Reports for iOS 11.0.0.7 could allow a local attacker to obtain sensitive information in the form of an API key. An attacker could use this information to launch further attacks...

5.5CVSS0.00142EPSS
Exploits0References2
ibm
ibm
added 2024/09/21 10:2 p.m.22 views

Security Bulletin: IBM Cognos Analytics is vulnerable to unauthorized attacks due to an exposed API key (CVE-2024-40703)

Summary An exposed API key in IBM Cognos Analytics could allow an unauthorized attacker to send unsolicited push notification alerts to IBM Cognos Analytics Mobile client applications. IBM Cognos Analytics has addressed the applicable CVE by revoking the exposed API key. Revocation of this API ke...

5.5CVSS5.1AI score0.00142EPSS
Exploits0Affected Software2
Rows per page
Query Builder