December 19, 2024
Severity
Medium
Analysis Summary
CVE-2024-25042 CVSS:5.4
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is potentially vulnerable to Cross Site Scripting (XSS). A remote attacker could execute malicious commands due to improper validation of column headings in Cognos Explorations.
CVE-2024-45082 CVSS:6.8
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted.
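The open redirect described for CVE-2024-45082 is the general class in which a redirect target taken from a request parameter is used without checking where it points. The following is an added example (not IBM's code and unrelated to the Cognos fix) of the mitigation a defender applies in any web application: accept only same-site relative paths or absolute URLs whose host is on an allowlist, and fall back to a safe default otherwise. The hostnames in `ALLOWED_HOSTS` and the parameter name are constructed assumptions.

```python
from urllib.parse import urlparse

# Constructed allowlist of hosts a post-login "next" parameter may point at.
# Replace with the application's own hostnames.
ALLOWED_HOSTS = {"app.example.com", "reports.example.com"}


def safe_redirect_target(next_param: str, fallback: str = "/") -> str:
    """Return a redirect target that stays on an allowed host.

    Rejects absolute URLs to other hosts, scheme-relative URLs ("//other.test"),
    backslash tricks ("/\\other.test"), userinfo spoofing ("host@other.test")
    and non-http(s) schemes, returning `fallback` in every such case.
    """
    if not next_param:
        return fallback
    candidate = next_param.strip()
    parsed = urlparse(candidate)

    # Relative path: must begin with exactly one "/" so browsers treat it as
    # same-origin rather than as a scheme-relative URL.
    if not parsed.scheme and not parsed.netloc:
        if candidate.startswith("/") and not candidate.startswith(("//", "/\\")):
            return candidate
        return fallback

    # Absolute URL: only http(s) to an allowlisted host is accepted.
    # parsed.hostname is already lower-cased and excludes userinfo/port.
    if parsed.scheme not in ("http", "https"):
        return fallback
    if parsed.hostname is None or parsed.hostname not in ALLOWED_HOSTS:
        return fallback
    return candidate


if __name__ == "__main__":
    for value in ["/dashboard?tab=1", "//other.test/login",
                  "https://app.example.com/reports", "javascript:alert(1)",
                  "https://app.example.com@other.test/"]:
        print(f"{value!r:45} -> {safe_redirect_target(value)!r}")
```

The check deliberately works on the parsed hostname rather than on string prefixes: `"https://app.example.com@other.test/"` starts with an allowed host but resolves to `other.test`, which is exactly the kind of input a prefix check would wave through.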
CVE-2024-41752 CVSS:5.4
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.
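CVE-2024-25042 (XSS via column headings) and CVE-2024-41752 (HTML injection) share one root cause: data that a user controls is written into a page without output encoding. The block below is an added illustration, not IBM's code and not the Cognos fix, showing the vulnerable pattern beside the hardened one for the specific case the advisory names, a table header built from column headings. The sample headings are constructed; the only real library call is `html.escape` from the Python standard library.

```python
import html

# Constructed sample headings, as a user-editable report definition might
# supply them. The last two carry markup that must be rendered as text.
SAMPLE_HEADINGS = ["Region", "Revenue <b>Q4</b>", "<script>alert(1)</script>"]


def render_header_unsafe(headings):
    """Vulnerable pattern: untrusted strings concatenated straight into markup.
    Whatever tags the data contains are parsed by the browser."""
    return "<tr>" + "".join(f"<th>{h}</th>" for h in headings) + "</tr>"


def render_header_safe(headings):
    """Hardened pattern: HTML-encode each heading at the point of output.
    quote=True also escapes quotes, so the same helper is safe inside
    attribute values such as title="..."."""
    return "<tr>" + "".join(
        f"<th>{html.escape(h, quote=True)}</th>" for h in headings
    ) + "</tr>"


def contains_raw_markup(rendered: str, headings) -> bool:
    """Defender's check: does any heading containing '<' appear verbatim
    (i.e. unencoded) in the rendered fragment?"""
    return any("<" in h and h in rendered for h in headings)


if __name__ == "__main__":
    for renderer in (render_header_unsafe, render_header_safe):
        out = renderer(SAMPLE_HEADINGS)
        print(f"{renderer.__name__}: raw markup present = "
              f"{contains_raw_markup(out, SAMPLE_HEADINGS)}")
        print("  ", out)
```

`contains_raw_markup` is the kind of assertion worth keeping in a unit test for any templating path: it fails the moment someone reintroduces string concatenation for a field that reaches the browser.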
CVE-2023-50956 CVSS:4.4
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 could allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in clear text.
CVE-2024-47119 CVSS:5.9
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client.
CVE-2024-47104 CVSS:6.8
IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining elevated privilege to a physical file. A user with authority to a view can alter the based-on physical file security attributes without having object management rights to the physical file. A malicious actor can use the elevated privileges to perform actions restricted by their view privileges.
Impact
- Information Disclosure
- Cross-Site Scripting
- Gain Access
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2024-25042
- CVE-2024-45082
- CVE-2024-41752
- CVE-2023-50956
- CVE-2024-47119
- CVE-2024-47104
Affected Vendors
- IBM
Affected Products
- IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3
- IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9
- IBM i 7.4 and 7.5
Remediation
Refer to the IBM Security Bulletin for each CVE for patch, upgrade, or suggested workaround information.