Lucene search
+L

7 matches found

ibm
ibm
added 2025/04/30 6:35 p.m.41 views

Security Bulletin: IBM Cognos Analytics is vulnerable to Malicious File Upload and EL Injection vulnerabilities (CVE-2024-40695, CVE-2024-51466)

Summary IBM Cognos Analytics is considered vulnerable to a Malicious File Upload which could allow a privileged user to upload malicious files that can be automatically processed within the product CVE-2024-40695 and an Expression Language EL Injection which could allow a remote attacker to explo...

9CVSS8.5AI score0.00598EPSS
Exploits0Affected Software1
redhatcve
redhatcve
added 2025/02/05 3:19 a.m.3 views

CVE-2024-51466

IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 is vulnerable to an Expression Language EL Injection vulnerability. A remote attacker could exploit this vulnerability to expose sensitive information, consume memory resources, and/or cause the server to crash when using a...

9CVSS7AI score0.00598EPSS
Exploits0References1
circl
circl
added 2024/12/20 3:54 p.m.20 views

CVE-2024-51466

creationtimestamp| type| source ---|---|--- 2024-12-20 15:54:46+00:00| seen| https://t.me/cvedetector/13432 2024-12-21 07:08:33+00:00| seen| https://infosec.exchange/users/vuldb/statuses/113689553325356856 2024-12-22 05:13:28+00:00| seen|...

9CVSS8.9AI score0.00598EPSS
Exploits0References6
nvd
nvd
added 2024/12/20 2:15 p.m.36 views

CVE-2024-51466

IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 is vulnerable to an Expression Language EL Injection vulnerability. A remote attacker could exploit this vulnerability to expose sensitive information, consume memory resources, and/or cause the server to crash when using a...

9CVSS0.00598EPSS
Exploits0References1
cve
cve
added 2024/12/20 1:38 p.m.88 views

CVE-2024-51466

IBM Cognos Analytics (11.2.0–11.2.4 FP4 and 12.0.0–12.0.4) is vulnerable to an Expression Language (EL) Injection that can allow a remote attacker to disclose data, exhaust memory, or crash the server when processing crafted EL statements. Affected products/versions are explicitly listed in the v...

9CVSS9.1AI score0.00598EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2024/12/20 1:38 p.m.36 views

CVE-2024-51466 IBM Cognos Analytics expression language injection

IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 is vulnerable to an Expression Language EL Injection vulnerability. A remote attacker could exploit this vulnerability to expose sensitive information, consume memory resources, and/or cause the server to crash when using a...

9CVSS0.00598EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/12/20 1:38 p.m.15 views

CVE-2024-51466 IBM Cognos Analytics expression language injection

IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 is vulnerable to an Expression Language EL Injection vulnerability. A remote attacker could exploit this vulnerability to expose sensitive information, consume memory resources, and/or cause the server to crash when using a...

9CVSS7AI score0.00598EPSS
Exploits0References1
Rows per page
Query Builder