CVE-2024-51466

CRITICAL Year: 2024
CVSS v3 Score
9.0
Critical
Weakness Type
CWE-917
View all →

Vulnerability Description

IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 is vulnerable to an Expression Language (EL) Injection vulnerability. A remote attacker could exploit this vulnerability to expose sensitive information, consume memory resources, and/or cause the server to crash when using a specially crafted EL statement.

Related Vulnerabilities

CVE-2021-45046

CRITICAL
CVSS:9.0(Critical)

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) ...

CWE-9172021

CVE-2010-1871

HIGH
CVSS:8.8(High)

JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows rem...

CWE-9172010

CVE-2019-11942

HIGH
CVSS:8.8(High)

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

CWE-9172019

CVE-2019-11943

HIGH
CVSS:8.8(High)

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

CWE-9172019

CVE-2019-11948

HIGH
CVSS:8.8(High)

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

CWE-9172019

CVE-2019-11951

HIGH
CVSS:8.8(High)

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

CWE-9172019