CVE-2024-41739 HIGH

CVE-2024-41739: IBM Cognos Dashboards on Cloud Pak for Data privilege escalation

Vendor Ibm
Product Cognos Dashboards on Cloud Pak for Data
Weakness CWE-427
Published January 24, 2025
Last update January 27, 2025

CVSS base score

8.8/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

IBM Cognos Dashboards 4.0.7 and 5.0.0 on Cloud Pak for Data could allow a remote attacker to perform unauthorized actions due to dependency confusion.

Key dates

02Disclosure timeline

January 24, 2025 CVE published
January 27, 2025 Record updated