Lucene search

K
ibmIBME03524C1CBB819CE2C0E752202DDBA7818D4C488E77C367CE6DFE9F1D8316EDC
HistoryJun 15, 2018 - 11:15 p.m.

Security Bulletin: A vulnerability in the GSKit component of Cognos Analytics (CVE-2016-0201)

2018-06-1523:15:00
www.ibm.com
5

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

Summary

A vulnerability has been addressed in the GSKit component of Cognos Analytics

Vulnerability Details

CVEID: CVE-2016-0201 **DESCRIPTION:**IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a MD5 collision. An attacker could exploit this vulnerability to obtain authentication credentials. **CVSS Base Score:**5.9 **CVSS Temporal Score:**See <https://exchange.xforce.ibmcloud.com/vulnerabilities/109310&gt; for the current score CVSS Environmental Score: Undefined CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

    • Cognos Analytics 11.0

Remediation/Fixes

The recommended solution is to apply the fix for version listed as soon as practical.

11.0: <http://www-01.ibm.com/support/docview.wss?uid=swg24041628&gt;

Workarounds and Mitigations

None known. Apply fixes

CPENameOperatorVersion
ibm cognos analyticseq11.0

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

Related for E03524C1CBB819CE2C0E752202DDBA7818D4C488E77C367CE6DFE9F1D8316EDC