CVE-2019-4623
- EPSS 0.67%
- Veröffentlicht 30.12.2019 16:15:11
- Zuletzt bearbeitet 21.11.2024 04:43:53
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...
CVE-2019-4231
- EPSS 0.72%
- Veröffentlicht 20.12.2019 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:43:21
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 159356.
CVE-2019-4555
- EPSS 0.77%
- Veröffentlicht 20.12.2019 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:43:43
IBM Cognos Analytics 11.0 and 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...
CVE-2019-4645
- EPSS 0.73%
- Veröffentlicht 09.11.2019 02:15:11
- Zuletzt bearbeitet 21.11.2024 04:43:55
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...
CVE-2018-1721
- EPSS 1.84%
- Veröffentlicht 09.11.2019 02:15:10
- Zuletzt bearbeitet 21.11.2024 04:00:15
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or cause the web server to make HTTP request...
CVE-2019-4334
- EPSS 0.92%
- Veröffentlicht 09.11.2019 02:15:10
- Zuletzt bearbeitet 21.11.2024 04:43:29
IBM Cognos Analytics 11.0 and 11.1 could reveal sensitive information to an authenticated user that could be used in future attacks against the system. IBM X-Force ID: 161271.
CVE-2019-4183
- EPSS 3.52%
- Veröffentlicht 17.09.2019 19:15:11
- Zuletzt bearbeitet 21.11.2024 04:43:17
IBM Cognos Analytics 11.0, and 11.1 is vulnerable to a denial of service attack that could allow a remote user to send specially crafted requests that would consume all available CPU and memory resources. IBM X-Force ID: 158973.
CVE-2019-4342
- EPSS 0.99%
- Veröffentlicht 17.09.2019 19:15:11
- Zuletzt bearbeitet 21.11.2024 04:43:29
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...
CVE-2019-4139
- EPSS 1%
- Veröffentlicht 29.05.2019 15:29:00
- Zuletzt bearbeitet 21.11.2024 04:43:13
IBM Cognos Analytics 11.0, 11.1.0, and 11.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosu...
CVE-2019-4178
- EPSS 3.07%
- Veröffentlicht 15.04.2019 15:29:00
- Zuletzt bearbeitet 21.11.2024 04:43:17
IBM Cognos Analytics 11 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to write or view arbitrary files on the system. IBM X-Force ID: 158919.