CVE-2024-45676

Medium

IBM Cognos Controller 11.0.0 and 11.0.1 could allow an authenticated user to upload insecure files, due to insufficient file type…

ibm·CWE-351·Published 2024-12-03

CVSS

4.3

EPSS

0.00

KEV

Exploits

cve.orgen

150 chars

IBM Cognos Controller 11.0.0 and 11.0.1 could allow an authenticated user to upload insecure files, due to insufficient file type distinction.

NVDen

150 chars

IBM Cognos Controller 11.0.0 and 11.0.1 could allow an authenticated user to upload insecure files, due to insufficient file type distinction.

IBM Cognos Controller 11.0.0 y 11.0.1 podrían permitir que un usuario autenticado cargue archivos inseguros debido a una distinción insuficiente del tipo de archivo.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	4.3	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
3.1	Secondary	NVD	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N