← voltar
CVE-2025-36326

IBM Controller information disclosure

CVSS 3.7 LOWEPSS 0.2%CWE-321
IBM Cognos Controller 11.0.0 through 11.0.1, and IBM Controller 11.1.0 through 11.1.1 could allow an attacker to obtain sensitive information due to the use of hardcoded cryptographic keys for signing session cookies.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Produtos afetados
IBM · Cognos ControllerIBM · Controller

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.ibm.com/support/pages/node/7246015