exploitDog

CVE-2024-41776

Опубликовано: 03 дек. 2024

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

IBM Cognos Controller 11.0.0 and 11.0.1

is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

Ссылки

https://www.ibm.com/support/pages/node/7177220
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:cognos_controller:11.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:cognos_controller:11.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00075

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-352

Связанные уязвимости

GHSA-8x98-cpj8-mjx8

CVSS3: 6.5

github

около 1 года назад

IBM Cognos Controller 11.0.0 and 11.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

EPSS

Процентиль: 23%

0.00075

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-352