IBME03524C1CBB819CE2C0E752202DDBA7818D4C488E77C367CE6DFE9F1D8316EDCSecurity Bulletin: A vulnerability in the GSKit component of Cognos Analytics (CVE-2016-0201)
EPSS
Percentile
68.2%
Summary
A vulnerability has been addressed in the GSKit component of Cognos Analytics
Vulnerability Details
CVEID: CVE-2016-0201 **DESCRIPTION:**IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a MD5 collision. An attacker could exploit this vulnerability to obtain authentication credentials. **CVSS Base Score:**5.9 **CVSS Temporal Score:**See <https://exchange.xforce.ibmcloud.com/vulnerabilities/109310> for the current score CVSS Environmental Score: Undefined CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
-
- Cognos Analytics 11.0
Remediation/Fixes
The recommended solution is to apply the fix for version listed as soon as practical.
11.0: <http://www-01.ibm.com/support/docview.wss?uid=swg24041628>
Workarounds and Mitigations
None known. Apply fixes
Related
EPSS
Percentile
68.2%