CVE-2024-31899
EUVD-2024-2975726.09.2024, 14:15
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to an authenticated user with physical access to the device.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| ibm | cognos_command_center | 10.2.4.1 |
| ibm | cognos_command_center | 10.2.5 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-256 - Plaintext Storage of a PasswordStoring a password in plaintext may result in a system compromise.
- CWE-522 - Insufficiently Protected CredentialsThe product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.