Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm cognos analytics vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-34357
IBM Cognos Analytics Mobile Server 11.1.7, 11.2.4, and 12.0.0 is vulnerable to Denial of Service due to due to weak or absence of rate limiting. By making unlimited http requests, it is possible for a single user to exhaust server resources over a period of time making service un...
NA
CVE-2023-43051
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....
NA
CVE-2023-30996
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to unverified sources in messages sent between Windows objects of different origins. IBM X-Force ID: 254290.
NA
CVE-2023-32344
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path. IBM X-Force ID: 255898.
NA
CVE-2023-38359
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....
NA
CVE-2023-35009
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a remote malicious user to obtain system information without authentication which could be used in reconnaissance to gather information that could be used for future attacks. IBM X-Force ID: 257703.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics
Ibm Cognos Analytics 11.2.4
NA
CVE-2023-35011
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated malicious user to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force...
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics
Ibm Cognos Analytics 11.2.4
NA
CVE-2023-28530
IBM Cognos Analytics 11.1 and 11.2 is vulnerable to stored cross-site scripting, caused by improper validation of SVG Files in Custom Visualizations. A remote attacker could exploit this vulnerability to execute scripts in a victim's Web browser within the security context o...
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics
Ibm Cognos Analytics 11.2.4
NA
CVE-2023-25929
IBM Cognos Analytics 11.1 and 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ...
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics
Ibm Cognos Analytics 11.2.4
NA
CVE-2023-28953
IBM Cognos Analytics on Cloud Pak for Data 4.0 could allow an malicious user to make system calls that might compromise the security of the containers due to misconfigured security context. IBM X-Force ID: 251465.
Ibm Cognos Analytics Cartridge For Ibm Cloud Pak For Data
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »