CVE-2023-40695

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published May 3, 2024

Updated: May 6, 2024

CWE ID 613

Summary

CVE-2023-40695 is a vulnerability affecting IBM Cognos Controller versions 10.4.1, 10.4.2, and 11.0.0. This issue permits an authenticated user to maintain their session after logging out, allowing them to impersonate another user on the system. IBM's X-Force has assigned ID 264938 to this vulnerability. This security weakness could lead to serious privacy concerns and unauthorized access to sensitive information within the affected Cognos Controller environment. Users are strongly encouraged to update their systems as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sY5xGu
https://www.cve.org/CVERecord?id=CVE-2023-40695
https://nvd.nist.gov/vuln/detail/CVE-2023-40695

Back to Vulnerability Database

CVE-2023-40695

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations