CVE-2024-45081 MEDIUM

CVE-2024-45081: IBM Cognos Controller incorrect authorization

Vendor Ibm

Product Cognos Controller

Weakness CWE-863 · Incorrect authorization

Published February 19, 2025

Last update August 15, 2025

View on NVD All CVEs

CVSS base score

6.5/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality None

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

What the vulnerability does

01Description

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 could allow an authenticated user to modify restricted content due to incorrect authorization checks.

Key dates

02Disclosure timeline

February 19, 2025 CVE published

August 15, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-45081

Related vulnerabilities

Identifiers

CVE CVE-2024-45081

CWE CWE-863

CVSS 6.5 / MEDIUM

Affected versions

Vendor Ibm

Product Cognos Controller

Affected ≥ 11.0.0 and ≤ 11.0.1

Vendor Ibm

Product Controller

Affected 11.1.0

CVE-2024-45081: IBM Cognos Controller incorrect authorization

01Description

02Disclosure timeline

03References

04Related CVE