Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm cognos analytics vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2016-0217
IBM Cognos Business Intelligence and IBM Cognos Analytics are vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in ...
Ibm Cognos Analytics 11.0.3
Ibm Cognos Analytics 11.0.2
Ibm Cognos Analytics 11.0.1
Ibm Cognos Analytics 11.0.0
Ibm Cognos Analytics 11.0.4
3.5
CVSSv2
CVE-2016-0218
IBM Cognos Business Intelligence and IBM Cognos Analytics are vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browse...
Ibm Cognos Business Intelligence 10.1.1
Ibm Cognos Business Intelligence 10.2.1.1
Ibm Cognos Business Intelligence 10.2.2
Ibm Cognos Business Intelligence 10.2
Ibm Cognos Business Intelligence 10.2.1
3.5
CVSSv2
CVE-2013-3979
Multiple cross-site scripting (XSS) vulnerabilities in the help pages in Web\Content\Help\ in the Web Client in IBM Cognos Command Center (aka Star Command Center or Star Analytics) prior to 10.1, when Internet Explorer is used, allow remote authenticated users to inject arbitrar...
Ibm Star Command Center 3.0.2
Ibm Star Command Center 3.0.1
Ibm Star Command Center 3.0.5
Ibm Star Command Center 3.0.4
Ibm Star Command Center 3.0.3
Ibm Star Command Center 3.0.7
Ibm Star Command Center 3.0.6
Ibm Star Command Center 3.0.0
Ibm Star Command Center 1.6.1
3.3
CVSSv2
CVE-2018-1842
IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token. IBM X-Force ID: 150902.
Ibm Cognos Analytics
Netapp Oncommand Insight -
2.1
CVSSv2
CVE-2020-4951
IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local malicious user to obtain sensitive information.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics 11.2.0
Netapp Oncommand Insight -
2.1
CVSSv2
CVE-2017-1779
IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a local user. IBM X-Force ID: 136824.
Ibm Cognos Analytics 11.0.0
Ibm Cognos Analytics 11.0.7.0
Ibm Cognos Analytics 11.0.2
Ibm Cognos Analytics 11.0.3
Ibm Cognos Analytics 11.0.4
Ibm Cognos Analytics 11.0.5.0
Ibm Cognos Analytics 11.0.1
Ibm Cognos Analytics 11.0.6.0
Netapp Oncommand Insight -
2.1
CVSSv2
CVE-2017-1783
IBM Cognos Analytics 11.0 could allow a local user to change parameters set from the Cognos Analytics menus without proper authentication. IBM X-Force ID: 136857.
Ibm Cognos Analytics 11.0.1
Ibm Cognos Analytics 11.0.3
Ibm Cognos Analytics 11.0.4
Ibm Cognos Analytics 11.0.5.0
Ibm Cognos Analytics 11.0.6.0
Ibm Cognos Analytics 11.0.7.0
Ibm Cognos Analytics 11.0.0
Ibm Cognos Analytics 11.0.2
Netapp Oncommand Insight -
2.1
CVSSv2
CVE-2017-1784
IBM Cognos Analytics 11.0 could produce results in temporary files that contain highly sensitive information that can be read by a local user. IBM X-Force ID: 136858.
Ibm Cognos Analytics 11.0.4
Ibm Cognos Analytics 11.0.6.0
Ibm Cognos Analytics 11.0.0
Ibm Cognos Analytics 11.0.1
Ibm Cognos Analytics 11.0.2
Ibm Cognos Analytics 11.0.3
Ibm Cognos Analytics 11.0.5.0
Ibm Cognos Analytics 11.0.7.0
Netapp Oncommand Insight -
2.1
CVSSv2
CVE-2017-1125
IBM Cognos Analytics 10.1 and 10.2 could allow a local user to craft a URL which could confirm the existence of and expose postial contents of a file. IBM X-Force ID: 121340.
Ibm Cognos Business Intelligence Server 10.2.1.1
Ibm Cognos Business Intelligence Server 10.2.1
Ibm Cognos Business Intelligence Server 10.2.0
Ibm Cognos Business Intelligence Server 10.1.1
Ibm Cognos Business Intelligence Server 10.2.2
NA
CVE-2024-25047
IBM Cognos Analytics 11.2.0 up to and including 11.2.4 and 12.0.0 up to and including 12.0.2 is vulnerable to injection attacks in application logging by not sanitizing user provided data. This could lead to further attacks against the system. IBM X-Force ID: 282956.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »