Ibm

Cognos Analytics

105 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.42%
  • Veröffentlicht 26.02.2024 16:27:46
  • Zuletzt bearbeitet 17.12.2024 19:32:35

IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to unverified sources in messages sent between Windows objects of different origins. IBM X-Force ID: 254290.

  • EPSS 0.38%
  • Veröffentlicht 26.02.2024 16:27:46
  • Zuletzt bearbeitet 17.12.2024 18:55:38

IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path. IBM X-Force ID: 255898.

  • EPSS 0.69%
  • Veröffentlicht 26.02.2024 16:27:46
  • Zuletzt bearbeitet 17.12.2024 18:55:23

IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclo...

  • EPSS 0.63%
  • Veröffentlicht 26.02.2024 16:27:46
  • Zuletzt bearbeitet 17.12.2024 18:08:08

IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclo...

  • EPSS 1.21%
  • Veröffentlicht 26.02.2024 16:27:45
  • Zuletzt bearbeitet 17.12.2024 16:49:34

IBM Cognos Analytics Mobile Server 11.1.7, 11.2.4, and 12.0.0 is vulnerable to Denial of Service due to due to weak or absence of rate limiting. By making unlimited http requests, it is possible for a single user to exhaust server resources over a pe...

  • EPSS 0.38%
  • Veröffentlicht 16.08.2023 23:15:10
  • Zuletzt bearbeitet 21.11.2024 08:07:49

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating ot...

  • EPSS 0.76%
  • Veröffentlicht 16.08.2023 23:15:09
  • Zuletzt bearbeitet 21.11.2024 08:07:49

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a remote attacker to obtain system information without authentication which could be used in reconnaissance to gather information that could be used for future attacks. IBM X-Force ID: 257...

  • EPSS 0.41%
  • Veröffentlicht 22.07.2023 02:15:47
  • Zuletzt bearbeitet 21.11.2024 07:50:26

IBM Cognos Analytics 11.1 and 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

  • EPSS 0.53%
  • Veröffentlicht 22.07.2023 02:15:47
  • Zuletzt bearbeitet 21.11.2024 07:55:17

IBM Cognos Analytics 11.1 and 11.2 is vulnerable to stored cross-site scripting, caused by improper validation of SVG Files in Custom Visualizations. A remote attacker could exploit this vulnerability to execute scripts in a victim's Web browser with...

  • EPSS 0.53%
  • Veröffentlicht 12.05.2023 01:15:09
  • Zuletzt bearbeitet 21.11.2024 06:18:28

IBM Cognos Analytics 11.1 and 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...