Ibm

Cognos Analytics

105 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.19%
  • Veröffentlicht 26.01.2025 16:15:30
  • Zuletzt bearbeitet 18.08.2025 17:57:33

IBM Cognos Mobile Client 1.1 iOS may be vulnerable to information disclosure through man in the middle techniques due to the lack of certificate pinning.

Medienbericht
  • EPSS 0.42%
  • Veröffentlicht 20.12.2024 14:15:24
  • Zuletzt bearbeitet 02.07.2025 15:53:18

IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. Attackers can make use of this weakness and upload mal...

Medienbericht
  • EPSS 0.59%
  • Veröffentlicht 20.12.2024 14:15:24
  • Zuletzt bearbeitet 02.07.2025 15:58:56

IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 is vulnerable to an Expression Language (EL) Injection vulnerability. A remote attacker could exploit this vulnerability to expose sensitive information, consume memory resou...

  • EPSS 0.27%
  • Veröffentlicht 18.12.2024 17:15:13
  • Zuletzt bearbeitet 10.01.2025 19:31:43

IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is potentially vulnerable to Cross Site Scripting (XSS). A remote attacker could execute malicious commands due to improper validation of column headings in Cognos Explorations.

  • EPSS 0.26%
  • Veröffentlicht 18.12.2024 17:15:13
  • Zuletzt bearbeitet 10.01.2025 19:33:46

IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of ...

  • EPSS 0.23%
  • Veröffentlicht 18.12.2024 17:15:13
  • Zuletzt bearbeitet 10.01.2025 19:34:56

IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exp...

  • EPSS 0.14%
  • Veröffentlicht 22.09.2024 13:15:10
  • Zuletzt bearbeitet 27.09.2024 16:49:46

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and IBM Cognos Analytics Reports for iOS 11.0.0.7 could allow a local attacker to obtain sensitive information in the form of an API key. An attacker could ...

  • EPSS 0.38%
  • Veröffentlicht 28.06.2024 19:15:04
  • Zuletzt bearbeitet 03.11.2025 22:16:47

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, and 12.0.2 is potentially vulnerable to cross site scripting (XSS). A remote attacker could execute malicious commands due to improper validation of column headings in Cogno...

  • EPSS 0.28%
  • Veröffentlicht 28.06.2024 19:15:04
  • Zuletzt bearbeitet 03.11.2025 22:16:47

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, and 12.0.2 is vulnerable to improper certificate validation when using the IBM Planning Analytics Data Source Connection. This could allow an attacker to spoof a trusted ent...

  • EPSS 0.64%
  • Veröffentlicht 02.05.2024 21:16:11
  • Zuletzt bearbeitet 02.07.2025 15:41:45

IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.2 is vulnerable to injection attacks in application logging by not sanitizing user provided data. This could lead to further attacks against the system. IBM X-Force ID: 282956.