Ibm

Cognos Analytics

102 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2019-4645

  • EPSS 0.33%
  • Published 09.11.2019 02:15:11
  • Last modified 21.11.2024 04:43:55

IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

8.8

CVE-2018-1721

  • EPSS 0.49%
  • Published 09.11.2019 02:15:10
  • Last modified 21.11.2024 04:00:15

IBM Cognos Analytics 11.0 and 11.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or cause the web server to make HTTP request...

4.3

CVE-2019-4334

  • EPSS 0.27%
  • Published 09.11.2019 02:15:10
  • Last modified 21.11.2024 04:43:29

IBM Cognos Analytics 11.0 and 11.1 could reveal sensitive information to an authenticated user that could be used in future attacks against the system. IBM X-Force ID: 161271.

7.8

CVE-2019-4183

  • EPSS 1.14%
  • Published 17.09.2019 19:15:11
  • Last modified 21.11.2024 04:43:17

IBM Cognos Analytics 11.0, and 11.1 is vulnerable to a denial of service attack that could allow a remote user to send specially crafted requests that would consume all available CPU and memory resources. IBM X-Force ID: 158973.

5.4

CVE-2019-4342

  • EPSS 0.23%
  • Published 17.09.2019 19:15:11
  • Last modified 21.11.2024 04:43:29

IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

5.4

CVE-2019-4139

  • EPSS 0.28%
  • Published 29.05.2019 15:29:00
  • Last modified 21.11.2024 04:43:13

IBM Cognos Analytics 11.0, 11.1.0, and 11.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosu...

9.1

CVE-2019-4178

  • EPSS 0.89%
  • Published 15.04.2019 15:29:00
  • Last modified 21.11.2024 04:43:17

IBM Cognos Analytics 11 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to write or view arbitrary files on the system. IBM X-Force ID: 158919.

3.6

CVE-2018-1842

  • EPSS 0.08%
  • Published 09.11.2018 01:29:00
  • Last modified 21.11.2024 04:00:29

IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token. IBM X-Force ID: 150902.

5.4

CVE-2018-1413

  • EPSS 0.67%
  • Published 07.05.2018 13:29:00
  • Last modified 21.11.2024 03:59:46

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...

5.3

CVE-2016-9711

  • EPSS 0.19%
  • Published 22.03.2018 12:29:00
  • Last modified 21.11.2024 03:01:38

IBM Predictive Solutions Foundation (IBM Cognos Analytics 11.0) reveals sensitive information in detailed error messages that could aid an attacker in further attacks against the system. IBM X-Force ID: 119619.