Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm cognos analytics vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2019-4334
IBM Cognos Analytics 11.0 and 11.1 could reveal sensitive information to an authenticated user that could be used in future attacks against the system. IBM X-Force ID: 161271.
Ibm Cognos Analytics 11.0.0
Ibm Cognos Analytics 11.1.0
4.3
CVSSv3
CVE-2016-0398
IBM Cognos Analytics (CA) 11.0 prior to 11.0.2 allows remote malicious users to conduct content-spoofing attacks via a crafted URL.
Ibm Cognos Analytics 11.0.0
4
CVSSv3
CVE-2017-1783
IBM Cognos Analytics 11.0 could allow a local user to change parameters set from the Cognos Analytics menus without proper authentication. IBM X-Force ID: 136857.
Ibm Cognos Analytics 11.0.1
Ibm Cognos Analytics 11.0.3
Ibm Cognos Analytics 11.0.4
Ibm Cognos Analytics 11.0.5.0
Ibm Cognos Analytics 11.0.6.0
Ibm Cognos Analytics 11.0.7.0
Ibm Cognos Analytics 11.0.0
Ibm Cognos Analytics 11.0.2
Netapp Oncommand Insight -
3.6
CVSSv3
CVE-2018-1842
IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token. IBM X-Force ID: 150902.
Ibm Cognos Analytics
Netapp Oncommand Insight -
3.3
CVSSv3
CVE-2020-4951
IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local malicious user to obtain sensitive information.
Ibm Cognos Analytics 11.1.7
Ibm Cognos Analytics 11.2.0
Netapp Oncommand Insight -
3.3
CVSSv3
CVE-2017-1125
IBM Cognos Analytics 10.1 and 10.2 could allow a local user to craft a URL which could confirm the existence of and expose postial contents of a file. IBM X-Force ID: 121340.
Ibm Cognos Business Intelligence Server 10.2.1.1
Ibm Cognos Business Intelligence Server 10.2.1
Ibm Cognos Business Intelligence Server 10.2.0
Ibm Cognos Business Intelligence Server 10.1.1
Ibm Cognos Business Intelligence Server 10.2.2
NA
CVE-2024-25047
IBM Cognos Analytics 11.2.0 up to and including 11.2.4 and 12.0.0 up to and including 12.0.2 is vulnerable to injection attacks in application logging by not sanitizing user provided data. This could lead to further attacks against the system. IBM X-Force ID: 282956.
NA
CVE-2023-43051
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....
NA
CVE-2023-32344
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path. IBM X-Force ID: 255898.
NA
CVE-2023-38359
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »