FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial
FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial

CVE-2024-25047

Improper Output Neutralization for Logs (CWE-117)

Published: May 2, 2024 / Updated: 6mo ago

010
CVSS 8.6EPSS 0.04%High
CVE info copied to clipboard

Summary

IBM Cognos Analytics versions 11.2.0 through 11.2.4 and 12.0.0 through 12.0.2 are vulnerable to injection attacks in application logging due to lack of sanitization of user provided data. This could allow an attacker to conduct further attacks against the system.

Impact

An attacker could potentially inject malicious code into the application logs, enabling further compromise of the system. This could lead to data theft, system misuse, or other malicious actions depending on the level of access gained.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.

Patch

Based on the information provided, there does not appear to be an explicit mention of a patch being available. However, upgrading to a newer version of IBM Cognos Analytics that addresses this vulnerability would mitigate the risk.

Mitigation

Mitigations should include applying the latest security updates from IBM for Cognos Analytics. Additionally, restrict access to the logging functionality, monitor logs for any suspicious entries, and follow secure coding practices to properly sanitize all user input.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

Timeline

First Article

Feedly found the first article mentioning CVE-2024-25047. See article

May 2, 2024 at 7:08 PM / Vulners.com RSS Feed
CVSS Estimate

Feedly estimated the CVSS score as HIGH

May 2, 2024 at 7:09 PM
CVE Assignment

NVD published the first details for CVE-2024-25047

May 2, 2024 at 9:16 PM
CVSS

A CVSS base score of 8.6 has been assigned.

May 2, 2024 at 9:20 PM / nvd
EPSS

EPSS Score was set to: 0.04% (Percentile: 8.2%)

May 3, 2024 at 10:02 AM
Static CVE Timeline Graph

Affected Systems

Ibm/cognos_analytics
+null more

Links to Mitre Att&cks

T1070: Indicator Removal on Host
+null more

Attack Patterns

CAPEC-268: Audit Log Manipulation
+null more

News

CVE-2024-25047
CyberSecurityBoard.com Cyber News | RSS Feed / 5mo
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.2 is vulnerable to injection attacks in application logging by not sanitizing user provided data. This could lead to further attacks against the system. IBM X-Force ID: 282956. CVE-2024-25047 originally published on CyberSecurityBoard
May 2024 IBM Cognos Analytics Vulnerabilities in NetApp Products
NetApp Security Advisories / 5mo
Management Services for Element Software and NetApp HCI NetApp HCI Baseboard Management Controller (BMC) - H410C
Security Bulletin 08 May 2024 - Cyber Security Agency of Singapore
""remote code execution"" - Google News / 6mo
Security Bulletin 08 May 2024 Cyber Security Agency of Singapore
Vulnerability Summary for the Week of April 29, 2024
Cybersecurity and Infrastructure Security Agency CISA / 6mo
Vulnerability Summary for the Week of April 29, 2024 bjackson May 06, 2024 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info 8theme -- xstore Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 8theme XStore allows SQL Injection.This issue affects XStore: from n/a through 9.3.5. 2024-04-29 9.3 CVE-2024-33559 audit@patchstack.com 8theme -- xstore Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore allows Reflected XSS.This issue affects XStore: from n/a through 9.3.5. 2024-04-29 7.1 CVE-2024-33562 audit@patchstack.com 8theme -- xstore_core Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 8theme XStore Core allows SQL Injection.This issue affects XStore Core: from n/a through 5.3.5. 2024-04-29 9.3 CVE-2024-33551 audit@patchstack.com 8theme -- xstore_core Deserialization of Untrusted Data vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.5. 2024-04-29 9 CVE-2024-33553 audit@patchstack.com 8theme -- xstore_core Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore Core allows Reflected XSS.This issue affects XStore Core: from n/a through 5.3.5.
CVE-2024-25047
Updated CVEs from Tenable / 6mo
High Severity Description IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.2 is vulnerable to injection attacks in application logging by not sanitizing user provided data. This could lead to further attacks against the system. IBM X-Force ID: 282956. Read more at https://www.tenable.com/cve/CVE-2024-25047
See 8 more articles and social media posts

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:None
User Interaction:None
Scope:Changed
Confidentiality:None
Integrity:High
Availability Impact:None

Categories

CVSS 8.6(18246)CWE-117(81)

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI

Feedly Threat Intelligence30-day free trial