CVE-2024-25047

HIGH Year: 2024
CVSS v3 Score
8.6
High
Weakness Type
CWE-117
View all →

Vulnerability Description

IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.2 is vulnerable to injection attacks in application logging by not sanitizing user provided data. This could lead to further attacks against the system. IBM X-Force ID: 282956.

Related Vulnerabilities

CVE-2023-4571

HIGH
CVSS:8.6(High)

In Splunk IT Service Intelligence (ITSI) versions below below 4.13.3, 4.15.3, or 4.17.1, a malicious actor can inject American National Standards Institute (ANSI) escape codes into Splunk ITSI log fil...

CWE-1172023

CVE-2024-0095

CRITICAL
CVSS:9.0(Critical)

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can inject forged logs and executable commands by injecting arbitrary data as a new log entry. A successful e...

CWE-1172024

CVE-2022-22151

HIGH
CVSS:8.1(High)

CAMS for HIS Log Server contained in the following Yokogawa Electric products fails to properly neutralize log outputs: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01...

CWE-1172022

CVE-2024-8334

MEDIUM
CVSS:8.1(High)

A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been rated as problematic. This issue affects the function LogHandler of the file middleware/lo...

CWE-1172024

CVE-2023-3997

HIGH
CVSS:7.8(High)

Splunk SOAR versions lower than 6.1.0 are indirectly affected by a potential vulnerability accessed through the user’s terminal. A third party can send Splunk SOAR a maliciously crafted web request co...

CWE-1172023

CVE-2020-25646

HIGH
CVSS:7.5(High)

A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private key in logs. This directly impacts confidentiality

CWE-1172020