CVE-2018-1842
- EPSS 0.26%
- Veröffentlicht 09.11.2018 01:29:00
- Zuletzt bearbeitet 21.11.2024 04:00:29
IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token. IBM X-Force ID: 150902.
CVE-2018-1413
- EPSS 1.11%
- Veröffentlicht 07.05.2018 13:29:00
- Zuletzt bearbeitet 21.11.2024 03:59:46
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...
CVE-2016-9711
- EPSS 1.74%
- Veröffentlicht 22.03.2018 12:29:00
- Zuletzt bearbeitet 21.11.2024 03:01:38
IBM Predictive Solutions Foundation (IBM Cognos Analytics 11.0) reveals sensitive information in detailed error messages that could aid an attacker in further attacks against the system. IBM X-Force ID: 119619.
CVE-2017-1779
- EPSS 0.41%
- Veröffentlicht 29.01.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:22:21
IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a local user. IBM X-Force ID: 136824.
- EPSS 0.46%
- Veröffentlicht 29.01.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:22:21
IBM Cognos Analytics 11.0 could allow a local user to change parameters set from the Cognos Analytics menus without proper authentication. IBM X-Force ID: 136857.
CVE-2017-1784
- EPSS 0.38%
- Veröffentlicht 29.01.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:22:21
IBM Cognos Analytics 11.0 could produce results in temporary files that contain highly sensitive information that can be read by a local user. IBM X-Force ID: 136858.
CVE-2017-1427
- EPSS 1%
- Veröffentlicht 29.08.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...
CVE-2017-1428
- EPSS 1.16%
- Veröffentlicht 29.08.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
IBM Cognos Analytics 11.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and pos...
CVE-2017-1485
- EPSS 0.54%
- Veröffentlicht 29.08.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...
CVE-2017-1535
- EPSS 0.72%
- Veröffentlicht 29.08.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...