7.8

CVE-2017-1779

IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a local user. IBM X-Force ID: 136824.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmCognos Analytics Version11.0.0
IbmCognos Analytics Version11.0.1
IbmCognos Analytics Version11.0.2
IbmCognos Analytics Version11.0.3
IbmCognos Analytics Version11.0.4
IbmCognos Analytics Version11.0.5.0
IbmCognos Analytics Version11.0.6.0
IbmCognos Analytics Version11.0.7.0
NetappOncommand Insight Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.41% 0.33
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
CWE-522 Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

https://security.netapp.com/advisory/ntap-20190329-0003/
Broken Link
https://security.netapp.com/advisory/ntap-20190401-0003/
Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=swg22011561
Patch
Vendor Advisory
http://www.securityfocus.com/bid/102858
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040299
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/136824
Vendor Advisory
VDB Entry