Ibm

Cognos Analytics

105 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.31%
  • Veröffentlicht 27.05.2026 12:17:11
  • Zuletzt bearbeitet 02.06.2026 20:05:07

IBM Cognos Analytics 11.2.0, 11.2.4, 12.0, and 12.1.0 and IBM Cognos Transformer 11.2.4, 12.0, and 12.1.0 are vulnerable to cross-site scripting (XSS). This vulnerability allows a remote attacker to inject arbitrary JavaScript code into the web user ...

  • EPSS 0.19%
  • Veröffentlicht 26.05.2026 15:52:49
  • Zuletzt bearbeitet 01.06.2026 17:30:40

IBM Cognos Analytics 11.2.0, 12.0, and 12.1.0 and IBM Cognos Transformer 12.0, 11.2.4, and 12.1.0 is vulnerable to stored cross-site scripting (XSS) in Cognos Adminstration. This vulnerability allows a privileged user to embed arbitrary JavaScript co...

  • EPSS 0.23%
  • Veröffentlicht 10.11.2025 19:33:55
  • Zuletzt bearbeitet 12.12.2025 15:14:49

IBM Cognos Analytics Certified Containers 12.1.0 could disclose package parameter information due to the presence of hidden pages.

  • EPSS 0.17%
  • Veröffentlicht 28.06.2025 00:59:23
  • Zuletzt bearbeitet 01.07.2025 18:07:20

IBM Cognos Analytics 11.2.0 through 12.2.4 Fix Pack 5 and 12.0.0 through 12.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended fu...

  • EPSS 0.24%
  • Veröffentlicht 11.06.2025 17:28:57
  • Zuletzt bearbeitet 17.06.2025 20:33:12

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4 stores source code on the web server that could aid in further attacks against the system.

  • EPSS 0.18%
  • Veröffentlicht 11.06.2025 17:27:49
  • Zuletzt bearbeitet 17.06.2025 20:33:21

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus al...

  • EPSS 0.32%
  • Veröffentlicht 11.06.2025 17:26:35
  • Zuletzt bearbeitet 17.06.2025 20:33:07

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4 could allow an authenticated user to cause a denial of service by sending a specially crafted request that would exhaust memory resources.

  • EPSS 0.78%
  • Veröffentlicht 28.02.2025 03:15:10
  • Zuletzt bearbeitet 17.10.2025 16:15:36

IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 is vulnerable to local file inclusion vulnerability, allowing an attacker to access sensitive files by inserting path traversal payloads inside the deficon parameter.

  • EPSS 0.55%
  • Veröffentlicht 28.02.2025 03:15:10
  • Zuletzt bearbeitet 02.07.2025 15:59:20

IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 and 12.0.0 through 12.0.4 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitra...

  • EPSS 0.46%
  • Veröffentlicht 05.02.2025 11:15:14
  • Zuletzt bearbeitet 02.07.2025 15:59:03

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to exp...