Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2016-0398

Publish Date: 03 Jun 2016

Source

                /*
Content Spoofing Vulnerability in IBM Cognos Analytics Applications
Advisory 5190
Patch Release - 30 May 2016
Public Release - 03 June 2016
CVE-2016-0398
The IBM Security Bulletins associated with this CVE have been published at the following URLs:
IBM Cognos Analytics 11.0        http://www.ibm.com/support/docview.wss?uid=swg21977070IBM Cognos Analytics 10.x        http://www.ibm.com/support/docview.wss?uid=swg21983247
Products or solutions and versions affected - IBM Cognos 10.x, 11.0
Summary - IBM Cognos Analytics 10.x and 11.0 applications are affected by Content Spoofing vulnerability which is an attack technique that allows an attacker to inject a malicious payload that is later misrepresented as legitimate content of a web application. This does not require any authentication.
Payload 
https://TargetURL/cognos1021/cgi-bin/cognos.cgi?b_action=icd&amp;pathinfo=Your_Text_Here
*/
Regards,Sonal Moon
<p>

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

IBM Cognos 11.0 Content Spoofing

Vulmon Search

About

Products

Connect