CVE-2023-28952

Medium

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to injection attacks in application logging by not sanitizing user provided…

ibm·CWE-117·Published 2024-05-03

CVSS

5.3

EPSS

0.00

KEV

Exploits

cve.orgen

170 chars

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to injection attacks in application logging by not sanitizing user provided data. IBM X-Force ID: 251463.

NVDen

170 chars

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to injection attacks in application logging by not sanitizing user provided data. IBM X-Force ID: 251463.

NVDes

199 chars

IBM Cognos Controller 10.4.1, 10.4.2 y 11.0.0 es vulnerable a ataques de inyección en el registro de aplicaciones al no desinfectar los datos proporcionados por el usuario. ID de IBM X-Force: 251463.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
3.1	Primary	cve.org	5.3	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N