6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
IBM Cognos Analytics is a suite of business intelligence software from IBM Corporation. The software includes reports, dashboards, and scorecards, and can help companies make adjustments to their decisions by analyzing key factors and key people, etc. An information disclosure vulnerability exists in IBM Cognos Analytics, which stems from the program storing user credentials in cleartext. An authenticated attacker could read the credentials stored in plaintext.
CPE | Name | Operator | Version |
---|---|---|---|
ibm cognos analytics | eq | 11.2.0 | |
ibm ibm cognos analytics >=11.1.0, | lt | 11.1.7 | |
ibm cognos analytics | eq | 11.2.1 |