admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2024/CVE-2024-25053.md
0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00

18 lines
1009 B
Markdown
Raw Permalink Blame History

### [CVE-2024-25053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25053)
![](https://img.shields.io/static/v1?label=Product&message=Cognos%20Analytics&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=11.2.0%2C%2011.2.1%2C%2011.2.2%2C%2011.2.3%2C%2011.2.4%2C%2012.0.0%2C%2012.0.1%2C%2012.0.2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-295%20Improper%20Certificate%20Validation&color=brightgreen)
### Description
IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, and 12.0.2 is vulnerable to improper certificate validation when using the IBM Planning Analytics Data Source Connection. This could allow an attacker to spoof a trusted entity by interfering in the communication path between IBM Planning Analytics server and IBM Cognos Analytics server. IBM X-Force ID: 283364.
### POC
#### Reference
- https://www.ibm.com/support/pages/node/7156941
#### Github
No PoCs found on GitHub currently.
Reference in New Issue View Git Blame Copy Permalink