Lucene search

[email protected]CVE-2013-5445

HistoryMar 25, 2014 - 8:55 p.m.

CVE-2013-5445

2014-03-2520:55:00

CWE-310

[email protected]

web.nvd.nist.gov

ibm

cognos

express

security

vulnerability

cve-2013-5445

ifix

nvd

5.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

47.0%

JSON

IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows local users to obtain sensitive cleartext information by leveraging knowledge of a static decryption key.

CPENameOperatorVersion
ibm:cognos_expressibm cognos expresseq10.1
ibm:cognos_expressibm cognos expresseq10.2.1
ibm:cognos_expressibm cognos expresseq9.5
ibm:cognos_expressibm cognos expresseq9.0

CPE	Name	Operator	Version
ibm:cognos_express	ibm cognos express	eq	10.1
ibm:cognos_express	ibm cognos express	eq	10.2.1
ibm:cognos_express	ibm cognos express	eq	9.5
ibm:cognos_express	ibm cognos express	eq	9.0

References

www-01.ibm.com/support/docview.wss?uid=swg21667626

exchange.xforce.ibmcloud.com/vulnerabilities/87821

5.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

47.0%

JSON

Related for CVE-2013-5445

seebug1 prion1 ibm1