Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm cognos analytics vulnerabilities and exploits
(subscribe to this query)
3.6
CVSSv3
CVE-2018-1842
IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token. IBM X-Force ID: 150902.
Ibm Cognos Analytics
Netapp Oncommand Insight -
4.3
CVSSv3
CVE-2019-4729
IBM Cognos Analytics 11.0 and 11.1 could allow a remote malicious user to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 172519.
Ibm Cognos Analytics
Netapp Oncommand Insight -
4.3
CVSSv3
CVE-2023-28953
IBM Cognos Analytics on Cloud Pak for Data 4.0 could allow an malicious user to make system calls that might compromise the security of the containers due to misconfigured security context. IBM X-Force ID: 251465.
Ibm Cognos Analytics Cartridge For Ibm Cloud Pak For Data
5.4
CVSSv3
CVE-2016-0218
IBM Cognos Business Intelligence and IBM Cognos Analytics are vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browse...
Ibm Cognos Business Intelligence 10.2.1
Ibm Cognos Business Intelligence 10.2
Ibm Cognos Business Intelligence 10.1.1
Ibm Cognos Business Intelligence 10.2.1.1
Ibm Cognos Business Intelligence 10.2.2
3.3
CVSSv3
CVE-2017-1125
IBM Cognos Analytics 10.1 and 10.2 could allow a local user to craft a URL which could confirm the existence of and expose postial contents of a file. IBM X-Force ID: 121340.
Ibm Cognos Business Intelligence Server 10.2.0
Ibm Cognos Business Intelligence Server 10.2.1.1
Ibm Cognos Business Intelligence Server 10.2.2
Ibm Cognos Business Intelligence Server 10.1.1
Ibm Cognos Business Intelligence Server 10.2.1
9.8
CVSSv3
CVE-2019-4716
IBM Planning Analytics 2.0.0 up to and including 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094.
Ibm Planning Analytics
NA
CVE-2013-3979
Multiple cross-site scripting (XSS) vulnerabilities in the help pages in Web\Content\Help\ in the Web Client in IBM Cognos Command Center (aka Star Command Center or Star Analytics) prior to 10.1, when Internet Explorer is used, allow remote authenticated users to inject arbitrar...
Ibm Star Command Center 1.6.1
Ibm Star Command Center 3.0.0
Ibm Star Command Center 3.0.1
Ibm Star Command Center 3.0.2
Ibm Star Command Center 3.0.3
Ibm Star Command Center 3.0.4
Ibm Star Command Center 3.0.5
Ibm Star Command Center 3.0.6
Ibm Star Command Center 3.0.7
NA
CVE-2023-30996
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to unverified sources in messages sent between Windows objects of different origins. IBM X-Force ID: 254290.
NA
CVE-2023-32344
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path. IBM X-Force ID: 255898.
NA
CVE-2024-25047
IBM Cognos Analytics 11.2.0 up to and including 11.2.4 and 12.0.0 up to and including 12.0.2 is vulnerable to injection attacks in application logging by not sanitizing user provided data. This could lead to further attacks against the system. IBM X-Force ID: 282956.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »