6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
IBM Cognos Analytics is a suite of business intelligence software from IBM Corporation in the United States. IBM Cognos Analytics versions 11.2.1, 11.2.0 and 11.1.7 contain an information disclosure vulnerability that stems from faulty access controls that could be exploited by a low-level attacker to obtain sensitive information from an inaccessible “Cloud Storage” page details without access to obtain sensitive information.
CPE | Name | Operator | Version |
---|---|---|---|
ibm cognos analytics | eq | 11.1.7 | |
ibm cognos analytics | eq | 11.2.0 | |
ibm cognos analytics | eq | 11.2.1 |
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N