Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cognos analytics vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-29745
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to priviledge escalation where a lower evel user could have access to the 'New Job' page to which they should not have access to. IBM X-Force ID: 201695.
Ibm Cognos Analytics 11.2.0
Ibm Cognos Analytics 11.1.7
Netapp Oncommand Insight -
6.5
CVSSv2
CVE-2021-29679
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated user to execute code remotely due to incorrectly neutralizaing user-contrlled input that could be interpreted a a server-side include (SSI) directive. IBM X-Force ID: 199915.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics 11.2.0
Netapp Oncommand Insight -
3.5
CVSSv2
CVE-2020-4354
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ...
Ibm Cognos Analytics 11.0.0
Ibm Cognos Analytics 11.1.0
Netapp Oncommand Insight -
7.5
CVSSv2
CVE-2020-4561
IBM Cognos Analytics 11.0 and 11.1 DQM API allows submitting of all control requests in unauthenticated sessions. This allows a remote attacker who can access a valid CA endpoint to read and write files to the Cognos Analytics system. IBM X-Force ID: 183903.
Ibm Cognos Analytics 11.0.0
Ibm Cognos Analytics 11.1.0
Netapp Oncommand Insight -
6.4
CVSSv2
CVE-2019-4178
IBM Cognos Analytics 11 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request to write or view arbitrary files on the system. IBM X-Force ID: 158919.
Ibm Cognos Analytics
4.3
CVSSv2
CVE-2016-0398
IBM Cognos Analytics (CA) 11.0 prior to 11.0.2 allows remote malicious users to conduct content-spoofing attacks via a crafted URL.
Ibm Cognos Analytics 11.0.0
3.5
CVSSv2
CVE-2021-39079
IBM Cognos Analytics Mobile for Android applications prior to version 1.1.14 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclos...
Ibm Cognos Analytics Mobile
6.4
CVSSv2
CVE-2021-39080
Due to weak obfuscation, IBM Cognos Analytics Mobile for Android application prior to version 1.1.14 , an attacker could be able to reverse engineer the codebase to gain knowledge about the programming technique, interface, class definitions, algorithms and functions used. IBM X-...
Ibm Cognos Analytics Mobile
5
CVSSv2
CVE-2016-9711
IBM Predictive Solutions Foundation (IBM Cognos Analytics 11.0) reveals sensitive information in detailed error messages that could aid an attacker in further attacks against the system. IBM X-Force ID: 119619.
Ibm Cognos Analytics 11.0.0
3.5
CVSSv2
CVE-2018-1413
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 13881...
Ibm Cognos Analytics
Netapp Oncommand Insight -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »