China National Vulnerability DatabaseCNVD-2021-83784IBM Cognos Analytics Information Disclosure Vulnerability (CNVD-2021-83784)
3.3 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
IBM Cognos Analytics is a suite of business intelligence software from IBM Corporation. The software includes reports, dashboards and scorecards, and can help companies adjust their decisions by analyzing key factors and key people, etc. An information disclosure vulnerability exists in IBM Cognos Analytics, which stems from the fact that IBM Cognos Analytics contains locally cached browser data and can be exploited by local attackers to obtain sensitive information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm ibm cognos analytics | eq | 11.1.7 | |
| ibm ibm cognos analytics | eq | 11.2.0 |
Related
3.3 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N