CVE-2023-30996

IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to unverified sources in messages sent between Windows objects of different origins. IBM X-Force ID: 254290...

CVE-2023-32344

IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path. IBM X-Force ID: 255898...

CVE-2023-30996

IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to unverified sources in messages sent between Windows objects of different origins. IBM X-Force ID: 254290...

IBM Cognos Analytics 安全漏洞

IBM Cognos Analytics is a suite of business intelligence software from International Business Machines IBM. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. A denial of service...

CVE-2023-43051 IBM Cognos Analytics cross-site scripting

IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

PT-2024-12712 · Ibm · Ibm Cognos Analytics

Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics versions 11.1.7 through 12.0.0 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted...

PT-2024-12322 · Ibm · Ibm Cognos Analytics

Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics versions 11.1.7 through 12.0.0 Description: The issue allows form action hijacking, where it is possible to modify the form action to reference an arbitrary path. Recommendations: For versions 11.1.7, 11.2.4, and 12.0.0,...

PT-2024-12249 · Ibm +1 · Ibm Cognos Analytics +1

Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics versions 11.1.7 through 12.0.0 Description: The issue is related to information leakage due to unverified sources in messages sent between Windows objects of different origins. Recommendations: For IBM Cognos Analytics...

IBM Cognos Analytics Sensitive Information Disclosure Vulnerability (CNVD-2022-91131)

IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. A sensitive information...

IBM Cognos Analytics Server-Side Request Forgery Vulnerability

IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. A server-side request forgery...

CVE-2022-38708

IBM Cognos Analytics 11.1.7 11.2.0, and 11.2.1 could be vulnerable to a Server-Side Request Forgery Attack SSRF attack by constructing URLs from user-controlled data. This could enable attackers to make arbitrary requests to the internal network or to the local file system. IBM X-Force ID: 234180...

CVE-2022-38708 IBM Cognos Analytics server-side request forgery

IBM Cognos Analytics 11.1.7 11.2.0, and 11.2.1 could be vulnerable to a Server-Side Request Forgery Attack SSRF attack by constructing URLs from user-controlled data. This could enable attackers to make arbitrary requests to the internal network or to the local file system. IBM X-Force ID: 234180...

IBM Cognos Analytics 注入漏洞

IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. A log injection vulnerability...

IBM Cognos Analytics 安全漏洞

IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist organizations in adjusting their decision-making by analyzing content such as key factors and key people. A security...

IBM Cognos Analytics 跨站请求伪造漏洞

IBM Cognos Analytics is a suite of business intelligence software from IBM Corporation of the United States. IBM Cognos Analytics versions 11.1.7, 11.2.0 and 11.2.1 contain security vulnerabilities that could be exploited by attackers to perform malicious and unauthorized actions transmitted from...

PT-2022-10863 · Ibm · Ibm Cognos Analytics

Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics versions 11.1.7 through 11.2.1 Description: The issue allows a local attacker to obtain information due to the autocomplete feature on password input fields. Recommendations: For versions 11.1.7 through 11.2.1, consider...

IBM Cognos Analytics 安全漏洞

IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist organizations in adjusting their decision-making by analyzing such things as key factors and key people. A security...

PT-2022-20206 · Ibm · Ibm Cognos Analytics

Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics versions 11.1.7 through 11.2.1 Description: The issue is a denial of service vulnerability via email flooding caused by sending a specially-crafted request. A remote attacker could exploit this to cause the server to...

PT-2022-23616 · Ibm · Ibm Cognos Analytics

Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics versions 11.1.7 through 11.2.1 Description: The issue is related to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this to expose sensitive information or consume...

IBM Cognos Analytics 跨站请求伪造漏洞

IBM Cognos Analytics is a suite of business intelligence software from IBM Corporation of the United States. IBM Cognos Analytics versions 11.1.7, 11.2.0 and 11.2.1 contain a security vulnerability that allows an attacker to perform malicious and unauthorized actions transmitted from a trusted us...