First published: Fri Jan 24 2025(Updated: )
IBM Cognos Dashboards 4.0.7 and 5.0.0 on Cloud Pak for Data could allow a remote attacker to perform unauthorized actions due to dependency confusion.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Cognos Dashboards | >=4.0.7<=5.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-41739 has a high severity rating due to its potential for unauthorized access by remote attackers.
To fix CVE-2024-41739, ensure that you update IBM Cognos Dashboards to the latest version that addresses the dependency confusion vulnerability.
CVE-2024-41739 affects IBM Cognos Dashboards versions 4.0.7 to 5.0.0.
Yes, CVE-2024-41739 can be exploited remotely, allowing attackers to perform unauthorized actions.
If you are using an affected version of IBM Cognos Dashboards, you should immediately apply the necessary security updates to mitigate the vulnerability.