Lucene search

[email protected]CVE-2019-4366

HistoryAug 03, 2020 - 1:15 p.m.

CVE-2019-4366

2020-08-0313:15:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

ibm

cognos analytics

cve-2019-4366

information disclosure

vulnerability

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

7.9 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

27.3%

JSON

IBM Cognos Analytics 11.0 and 11.1 is susceptible to an information disclosure vulnerability where an attacker could gain access to cached browser data. IBM X-Force ID: 161748.

VendorProductVersionCPE
ibmcognos_analytics11.0cpe:2.3:a:ibm:cognos_analytics:11.0:*:*:*:*:*:*:*
ibmcognos_analytics11.1cpe:2.3:a:ibm:cognos_analytics:11.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	cognos_analytics	11.0	cpe:2.3:a:ibm:cognos_analytics:11.0:::::::*
ibm	cognos_analytics	11.1	cpe:2.3:a:ibm:cognos_analytics:11.1:::::::*

References

exchange.xforce.ibmcloud.com/vulnerabilities/161748

www.ibm.com/support/pages/node/6252853

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

7.9 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

27.3%

JSON

Related for CVE-2019-4366

prion1 cvelist1 ibm1