could allow an authenticated attacker to conduct formula injection. An attacker could execute arbitrary commands on the system, caused by improper validation of file contents.
Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Link | Providers |
---|---|
https://www.ibm.com/support/pages/node/7183597 |
![]() ![]() |
Mon, 29 Sep 2025 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-502 |
Mon, 29 Sep 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-1236 |
Fri, 15 Aug 2025 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:ibm:cognos_controller:11.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:cognos_controller:11.0.1:fix_pack_3:*:*:*:*:*:* |
Fri, 25 Jul 2025 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Microsoft
Microsoft windows |
|
CPEs | cpe:2.3:a:ibm:cognos_controller:*:*:*:*:*:*:*:* cpe:2.3:a:ibm:controller:11.1.0:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Microsoft
Microsoft windows |
Wed, 19 Feb 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 19 Feb 2025 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 could allow an authenticated attacker to conduct formula injection. An attacker could execute arbitrary commands on the system, caused by improper validation of file contents. | |
Title | IBM Cognos Controller CSV injection | |
Weaknesses | CWE-502 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: ibm
Published:
Updated: 2025-09-29T17:55:20.228Z
Reserved: 2024-08-21T19:11:05.063Z
Link: CVE-2024-45084

Updated: 2025-02-19T16:24:24.398Z

Status : Modified
Published: 2025-02-19T16:15:39.900
Modified: 2025-09-29T18:15:30.867
Link: CVE-2024-45084

No data.

Updated: 2025-07-13T21:06:40Z