Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm cognos analytics vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2019-4716
IBM Planning Analytics 2.0.0 up to and including 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094.
Ibm Planning Analytics
9.3
CVSSv2
CVE-2020-4302
IBM Cognos Analytics 11.0 and 11.1 could allow a remote malicious user to execute arbitrary code on the system, caused by a CSV injection. By persuading a victim to open a specially-crafted excel file, an attacker could exploit this vulnerability to execute arbitrary code on the ...
Ibm Cognos Analytics
Ibm Cognos Analytics 11.0.13
7.8
CVSSv2
CVE-2019-4183
IBM Cognos Analytics 11.0, and 11.1 is vulnerable to a denial of service attack that could allow a remote user to send specially crafted requests that would consume all available CPU and memory resources. IBM X-Force ID: 158973.
Ibm Cognos Analytics 11.0.0
Ibm Cognos Analytics 11.1.0
Netapp Oncommand Insight -
7.5
CVSSv2
CVE-2021-38945
IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 could allow a remote malicious user to upload arbitrary files, caused by improper content validation. IBM X-Force ID: 211238.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics
Ibm Cognos Analytics 11.2.0
Ibm Cognos Analytics 11.2.1
Netapp Oncommand Insight -
7.5
CVSSv2
CVE-2020-4561
IBM Cognos Analytics 11.0 and 11.1 DQM API allows submitting of all control requests in unauthenticated sessions. This allows a remote attacker who can access a valid CA endpoint to read and write files to the Cognos Analytics system. IBM X-Force ID: 183903.
Ibm Cognos Analytics 11.0.0
Ibm Cognos Analytics 11.1.0
Netapp Oncommand Insight -
6.8
CVSSv2
CVE-2021-38886
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 209399.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics 11.2.0
Ibm Cognos Analytics 11.2.1
Netapp Oncommand Insight -
6.8
CVSSv2
CVE-2021-29756
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site request forgery (CSRF) in the My Inbox page which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 202167.
Ibm Cognos Analytics
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics 11.2.0
Netapp Oncommand Insight -
6.8
CVSSv2
CVE-2020-4520
IBM Cognos Analytics 11.0 and 11.1 could allow a remote malicious user to inject malicious HTML code that when viewed by the authenticated victim would execute the code. IBM X-Force ID: 182395.
Ibm Cognos Analytics 11.0.0
Ibm Cognos Analytics 11.1.0
Netapp Oncommand Insight -
6.5
CVSSv2
CVE-2021-29679
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated user to execute code remotely due to incorrectly neutralizaing user-contrlled input that could be interpreted a a server-side include (SSI) directive. IBM X-Force ID: 199915.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics 11.2.0
Netapp Oncommand Insight -
6.5
CVSSv2
CVE-2021-29745
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to priviledge escalation where a lower evel user could have access to the 'New Job' page to which they should not have access to. IBM X-Force ID: 201695.
Ibm Cognos Analytics 11.2.0
Ibm Cognos Analytics 11.1.7
Netapp Oncommand Insight -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »