IBM Cognos Controller and IBM Controller Artifactory API Key Exposure Vulnerability

Vulnerability

A vulnerability exists in IBM Cognos Controller versions 11.0.0 to 11.0.1 and IBM Controller 11.1.0, allowing for the exposure of Artifactory API keys. This issue enables users to publish code to private packages or repositories under their organization's name.

Impact

Exploitation of this vulnerability could lead to unauthorized publishing of code to private organizational repositories, potentially allowing for the introduction of malicious code or the misuse of proprietary resources.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Cognos Controller and IBM Controller Artifactory API Key Exposure Vulnerability

Vulnerability

Impact

Affected Products

IBM Cognos Controller

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating