CVE-2023-23474

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. IBM X-Force ID: 245403...

CVE-2023-40695

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 264938...

CVE-2023-28952

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to injection attacks in application logging by not sanitizing user provided data. IBM X-Force ID: 251463...

CVE-2023-23474

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. IBM X-Force ID: 245403...

IBM Cognos Controller 加密问题漏洞

IBM Cognos Controller is a suite of business intelligence and planning solutions from International Business Machines IBM. The product features process automation, financial audit control, and creating and managing financial reports. A cryptographic issue vulnerability exists in IBM Cognos...

IBM Cognos Controller 安全漏洞

IBM Cognos Controller is a suite of business intelligence and planning solutions from International Business Machines IBM. The product features process automation, financial audit control, and the creation and management of financial reports. A user enumeration vulnerability exists in IBM Cognos...

IBM Cognos Controller 安全漏洞

IBM Cognos Controller is a suite of business intelligence and planning solutions from International Business Machines IBM. The product features process automation, financial audit control, and the creation and management of financial reports. A code execution vulnerability exists in IBM Cognos...

IBM Cognos Controller 安全漏洞

IBM Cognos Controller is a suite of business intelligence and planning solutions from International Business Machines IBM. The product features process automation, financial audit control, and creating and managing financial reports. A security vulnerability exists in IBM Cognos Controller versio...

CVE-2020-4879

IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could allow a remote attacker to bypass security restrictions, caused by improper validation of authentication cookies. IBM X-Force ID: 190847...

Security Bulletin: IBM Cognos Controller is vulnerable to privilege escalation (CVE-2020-4685)

Summary IBM Cognos Controller is vulnerable to privilege escalation. This has been addressed. Vulnerability Details CVEID: CVE-2020-4685 DESCRIPTION: A low level user of Cognos Controller who has Administration rights to the server where the application is installed, can escalate their privilege...