Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm cognos analytics 11.1.7 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-4301
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 176609.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics
Netapp Oncommand Insight -
NA
CVE-2021-29823
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 204465.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics
Netapp Oncommand Insight -
NA
CVE-2022-36773
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 233571.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics
Netapp Oncommand Insight -
4.3
CVSSv2
CVE-2021-39047
IBM Planning Analytics 2.0 and IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disc...
Ibm Planning Analytics 2.0
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics
Ibm Cognos Analytics 11.2.0
Ibm Cognos Analytics 11.2.1
Netapp Oncommand Insight -
2.1
CVSSv2
CVE-2020-4951
IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local malicious user to obtain sensitive information.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics 11.2.0
Netapp Oncommand Insight -
6.5
CVSSv2
CVE-2021-29679
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated user to execute code remotely due to incorrectly neutralizaing user-contrlled input that could be interpreted a a server-side include (SSI) directive. IBM X-Force ID: 199915.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics 11.2.0
Netapp Oncommand Insight -
6.5
CVSSv2
CVE-2021-29745
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to priviledge escalation where a lower evel user could have access to the 'New Job' page to which they should not have access to. IBM X-Force ID: 201695.
Ibm Cognos Analytics 11.2.0
Ibm Cognos Analytics 11.1.7
Netapp Oncommand Insight -
NA
CVE-2023-30996
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to unverified sources in messages sent between Windows objects of different origins. IBM X-Force ID: 254290.
NA
CVE-2023-32344
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path. IBM X-Force ID: 255898.
NA
CVE-2023-38359
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »