IBM Cognos TM1 10.1 and 10.2 provides a service to return the victim’s password with a valid session key. An authenticated attacker with user interaction could obtain this sensitive information. IBM X-Force ID: 114613.
CPE | Name | Operator | Version |
---|---|---|---|
cognos_business_intelligence | eq | 10.2 | |
cognos_business_intelligence | eq | 10.1 | |
cognos_business_intelligence | eq | 10.2.2 |