CVE-2023-32344

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Feb 26, 2024
Updated: Jun 21, 2024
CWE ID 352

Summary

CVE-2023-32344 refers to a form action hijacking vulnerability impacting IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0. Malicious actors can exploit this issue by altering the form action to redirect to unintended paths. This could potentially lead to unauthorized data access or manipulation. IBM's X-Force has assigned ID 255898 to this security threat. This vulnerability poses a significant risk, as it allows attackers to bypass intended access controls. Users are advised to update their Cognos Analytics installations as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2023-32344 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions

Book your demo

Sign in

Back to Vulnerability Database