5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by IBM Cognos Planning. These issues were disclosed as part of the IBM Java SDK updates in January 2016.
CVEID: CVE-2016-0466
DESCRIPTION: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/109948> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVEID: CVE-2016-0448
DESCRIPTION: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/109949> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:N/A:N)
IBM Cognos Planning 10.1
IBM Cognos Planning 10.1.1
Apply fixes, download available at:
IBM Cognos Planning 10.1.1 FP7
IBM Cognos Planning 10.1 IF7
CPE | Name | Operator | Version |
---|---|---|---|
cognos planning | eq | 10.1 | |
cognos planning | eq | 10.1.1 |