IBM Warns of Malicious File Upload & Injection Vulnerabilities in Cognos Analytics

IBM has issued a security bulletin for two vulnerabilities in its Cognos Analytics platform, one rated high and one rated critical.

These vulnerabilities, identified as CVE-2023-42017 and CVE-2024-51466, pose significant risks, including unauthorized file uploads, sensitive information exposure, and denial of service.

Users are urged to update their systems promptly to mitigate potential threats.

Details of the Vulnerabilities

  1. Malicious File Upload (CVE-2023-42017)
    This vulnerability arises from improper validation of the content of files uploaded through the web interface. A privileged user can exploit the flaw to upload malicious executable files, which could then be used to stage further attacks. The requirement for a privileged account limits the exposure but does not remove it: a compromised or malicious administrator account is enough.
    The vulnerability is categorized under CWE-434 (Unrestricted Upload of File with Dangerous Type) and has a CVSS base score of 8.0, which is high severity.
  2. Expression Language (EL) Injection (CVE-2024-51466)
    This vulnerability allows a remote attacker to submit a specially crafted EL statement whose special elements are not properly neutralized before evaluation. Successful exploitation could expose sensitive information, consume memory resources, or crash the server.
    Classified under CWE-917 (Improper Neutralization of Special Elements used in an Expression Language Statement), it carries a critical CVSS base score of 9.0. No user interaction or prior authentication is required.
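
A server-side content check of the kind CWE-434 calls for, written here as an added example in Python; it is not IBM's code and says nothing about how Cognos Analytics itself validates uploads. The extension allow-list, the file-signature table and the sample uploads are all constructed for the demonstration. A file is accepted only when its name and its bytes agree: the extension must be allow-listed, the name must carry no second extension or path components, the bytes must not be an executable or script, and the bytes must begin with the signature the extension claims. Because CVE-2023-42017 requires a privileged account, a check like this defends against a compromised or malicious administrator; it is not a substitute for the fix.

```python
import os

# Allow-listed extensions and the leading bytes (file signatures) that a
# file claiming that extension must actually start with.  Constructed for
# the example: a real deployment allows exactly the types it needs.
ALLOWED_SIGNATURES = {
    ".png":  (b"\x89PNG\r\n\x1a\n",),
    ".jpg":  (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".pdf":  (b"%PDF-",),
}

# Content that is never acceptable whatever the name says: Windows PE,
# ELF, and scripts that open with an interpreter line.
EXECUTABLE_SIGNATURES = (b"MZ", b"\x7fELF", b"#!")


def validate_upload(filename: str, content: bytes) -> tuple[bool, str]:
    """Return (accepted, reason), judging the bytes rather than the client's claim."""
    base = os.path.basename(filename)
    if not base or base != filename:
        return False, "file name carries path components"
    stem, ext = os.path.splitext(base)
    ext = ext.lower()
    if ext not in ALLOWED_SIGNATURES:
        return False, f"extension {ext or '(none)'} is not allow-listed"
    if "." in stem:  # e.g. shell.jsp.png, a classic way past extension-only checks
        return False, "double extension"
    if any(content.startswith(sig) for sig in EXECUTABLE_SIGNATURES):
        return False, "content is an executable or script"
    if not any(content.startswith(sig) for sig in ALLOWED_SIGNATURES[ext]):
        return False, f"content does not match the {ext} signature"
    return True, "accepted"


# Constructed sample uploads (a few header bytes each), not real files.
SAMPLE_UPLOADS = {
    "chart.png":     b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
    "report.pdf":    b"%PDF-1.7\n%\xe2\xe3\xcf\xd3\n",
    "backdoor.png":  b"MZ\x90\x00" + b"\x00" * 16,   # PE binary renamed to .png
    "shell.jsp.png": b"\x89PNG\r\n\x1a\n",           # double extension
    "../web/x.png":  b"\x89PNG\r\n\x1a\n",           # path traversal in the name
    "run.sh":        b"#!/bin/sh\nid\n",             # script, extension not allowed
    "notes.png":     b"%PDF-1.7\n",                  # declared PNG, actually PDF
}


def screen(uploads: dict[str, bytes]) -> dict[str, tuple[bool, str]]:
    """Run validate_upload over a batch and return the verdict per file name."""
    return {name: validate_upload(name, data) for name, data in uploads.items()}


if __name__ == "__main__":
    for name, (ok, reason) in screen(SAMPLE_UPLOADS).items():
        print(f"{'ACCEPT' if ok else 'REJECT'} {name:16} {reason}")
```

Only the first two sample files pass; every other entry fails on a different check, which is the point of layering them: an extension allow-list alone would have admitted the renamed PE binary and the mislabelled PDF.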

Affected Products and Versions

The vulnerabilities impact the following versions of IBM Cognos Analytics:

Product                 Versions Affected
IBM Cognos Analytics    12.0.0 – 12.0.4
IBM Cognos Analytics    11.2.0 – 11.2.4 FP4

Remediation and Recommendations

IBM strongly advises users to upgrade to the latest versions to address these vulnerabilities:

Product                 Version(s)            Fix Version
IBM Cognos Analytics    12.0.0 – 12.0.4       12.0.4 Interim Fix 1
IBM Cognos Analytics    11.2.0 – 11.2.4 FP4   11.2.4 FP5

IBM lists no workarounds or mitigations for either issue; applying the fix version is the only remediation.

These vulnerabilities highlight the importance of maintaining updated software systems to prevent exploitation by attackers.

Organizations using IBM Cognos Analytics should prioritize applying the recommended fixes immediately to safeguard their environments against potential breaches or service disruptions.

For future updates on security bulletins, users are encouraged to subscribe to IBM’s notification services for timely alerts on critical vulnerabilities and fixes.