PT-2025-2608 · IBM · IBM Cognos Dashboards

Published: 2025-01-24 · Updated: 2025-08-14 · CVE-2024-41739

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

IBM Cognos Dashboards versions 4.0.7 through 5.0.0

Description

The issue is related to dependency confusion, allowing a remote attacker to perform unauthorized actions. This could potentially lead to privilege escalation.

Recommendations

For IBM Cognos Dashboards version 4.0.7, update to a version that fixes the dependency confusion issue. For IBM Cognos Dashboards version 5.0.0, update to a version that fixes the dependency confusion issue. As a temporary workaround, consider restricting access to the affected IBM Cognos Dashboards versions until a patch is available.

Fix

Weakness Enumeration

Uncontrolled Search Path Element

Related Identifiers

BDU:2025-01212
CVE-2024-41739

Affected Products

IBM Cognos Dashboards