VDB
CVE-2023-38009
CVE-2023-38009
PUBLISHED
CVSS 4.199999809265137 MEDIUM
IBM Cognos Mobile Client 1.1 iOS may be vulnerable to information disclosure through man in the middle techniques due to the lack of certificate pinning.
EPSS 0.06% · 18.6th percentile
Risk Scores
CVSS 3.1
4.199999809265137
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
0.06%
18.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ibm | cognos_analytics | 1.1 |
| IBM | Cognos Analytics Mobile | 1.1, 1.1 |
Exploit Intelligence
- CIRCL seen: CVE-2023-38009 (circl-sighting)
- CIRCL seen: CVE-2023-38009 (circl-sighting)
- CIRCL seen: CVE-2023-38009 (circl-sighting)
- CIRCL seen: CVE-2023-38009 (circl-sighting)
- CIRCL seen: CVE-2023-38009 (circl-sighting)
- https://www.ibm.com/support/pages/node/7172691 (circl)
- https://www.ibm.com/support/pages/node/7172692 (circl)
Timeline
- Oct 25, 2024 CVE Published
- Jan 26, 2025 PoC Published
- Jan 26, 2025 PoC Published
- Jan 26, 2025 PoC Published
- Jan 26, 2025 PoC Published
- Jan 26, 2025 PoC Published
- Jan 27, 2025 EPSS Score
- Feb 11, 2025 EPSS Score
- Feb 26, 2025 EPSS Score
- Mar 13, 2025 EPSS Score
- Mar 29, 2025 EPSS Score
- Apr 13, 2025 EPSS Score
References
- https://www.ibm.com/support/pages/node/7173631 advisory
- https://www.ibm.com/support/pages/node/7174016 advisory
- https://www.ibm.com/support/pages/node/7174015 advisory
- https://www.ibm.com/support/pages/node/7173632 advisory
- https://www.ibm.com/support/pages/node/7172691 advisory
- https://www.ibm.com/support/pages/node/7172692 advisory
- https://www.ibm.com/support/pages/node/7173592 advisory
- https://www.ibm.com/support/pages/node/7173866 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-38009 advisory