CVE-2024-52902

Severity: High
Published: 19 February 2025
Modified: 25 July 2025
CVSS Score v3.1: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0011 (28.8th percentile)
Risk Priority: 18 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-52902 is a high-severity Use of Hard-coded Credentials (CWE-798) vulnerability in IBM Cognos Controller. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Valid Accounts (T1078). The CVE is ranked at the 28.8th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and RA-5 (Vulnerability Monitoring and Scanning).

Deeper analysis

CVE-2024-52902 is a high-severity vulnerability (CVSS 3.1 score of 8.8) affecting IBM Cognos Controller versions 11.0.0 through 11.0.1 FP3 and the IBM Controller 11.1.0 client application. The issue stems from hard-coded database passwords embedded in the source code (CWE-798: Use of Hard-coded Credentials), which exposes credentials that could enable unauthorized system access. Published on 2025-02-19, this flaw allows attackers to bypass authentication mechanisms by extracting and reusing the static passwords.

An attacker with low privileges (PR:L), such as an authenticated user with network access (AV:N), can exploit this vulnerability with low complexity (AC:L) and no user interaction (UI:N). Successful exploitation grants unauthorized access to the database and underlying system, resulting in high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H) within the unchanged scope (S:U). This could lead to data exfiltration, modification, or disruption of IBM Controller services.

IBM has issued a security advisory with details on mitigation and patching at https://www.ibm.com/support/pages/node/7183597. Security practitioners should review this bulletin for version-specific fixes and apply updates promptly to affected deployments.

Vulnerability details

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 client application contains hard coded database passwords in source code which could be used for unauthorized access to the system.

CWE(s)

CWE-798: Use of Hard-coded Credentials

Related Threats

MITRE ATT&CK Enterprise Techniques

T1078 Valid Accounts (Stealth): Adversaries may obtain and abuse credentials of existing accounts as a means of gaining Initial Access, Persistence, Privilege Escalation, or Defense Evasion.

T1552 Unsecured Credentials (Credential Access): Adversaries may search compromised systems to find and obtain insecurely stored credentials.

Why these techniques?

Hard-coded credentials directly enable extraction and reuse of valid accounts (T1078) and represent unsecured credentials discoverable in application artifacts (T1552).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-28777: same product (IBM Cognos Controller)
CVE-2024-45084: same product (IBM Cognos Controller)
CVE-2024-40702: same product (IBM Cognos Controller)
CVE-2026-5065: same product (IBM Controller)
CVE-2023-47160: same product (IBM Cognos Controller)
CVE-2025-33089: same vendor (IBM)
CVE-2025-13691: same vendor (IBM)
CVE-2026-7414: shared CWE-798
CVE-2025-58744: same product (Microsoft Windows)
CVE-2025-1242: shared CWE-798

Affected Assets

Vendor   Product             Versions
ibm      cognos controller   11.0.0 — 11.0.1.4
ibm      controller          11.1.0

Mitigating Controls (NIST 800-53 r5)

Patch management (prevent, recover): Requires timely identification, testing, and installation of patches to directly remediate the hard-coded database passwords in IBM Cognos Controller source code.

IA-5 Authenticator Management (prevent): Mandates protection of authenticator content from unauthorized disclosure and modification, directly preventing the embedding of hard-coded passwords in application source code.

RA-5 Vulnerability Monitoring and Scanning (detect): Enables ongoing vulnerability scanning to identify hard-coded credential flaws like those in CVE-2024-52902 for prompt remediation.