CVE-2023-50324

Published: Mar 1, 2024Modified: Apr 23, 2025

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

IBM Cognos Command Center 10.2.4.1 and 10.2.5 exposes details the X-AspNet-Version Response Header that could allow an attacker to obtain information of the application environment to conduct further attacks. IBM X-Force ID: 275038.

Affected (2)

Products: Ibm: Cognos Command Center

Ibm

1 product

Cognos Command Center

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Cognos Command Center	Version 10.2.4.1
Ibm Cognos Command Center	Version 10.2.5

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

https://exchange.xforce.ibmcloud.com/vulnerabilities/275038

Source: psirt@us.ibm.com

Vendor Advisory

https://www.ibm.com/support/pages/node/7112504

Source: psirt@us.ibm.com

Broken Link

https://exchange.xforce.ibmcloud.com/vulnerabilities/275038

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.ibm.com/support/pages/node/7112504

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

Timeline

No history available yet.