CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

Prion•added 2019/09/17 7:15 p.m.•18 views

Cross site scripting

IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 161421...

3.5CVSS5.2AI score0.00229EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2019/09/17 12:0 a.m.•1 views

PT-2019-17043 · Ibm · Ibm Cognos Analytics

Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics versions 11.0 through 11.1 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted...

5.4CVSS5.9AI score0.00229EPSS

Exploits0References4

IBM Security Bulletins•added 2018/06/15 11:15 p.m.•15 views

Security Bulletin: IBM Cognos Analytics : IBM Cognos Analytics is affected by CVE-2016-0398

Summary This bulletin addresses a recently discovered content spoofing vulnerability. Vulnerability Details CVEID: CVE-2016-0398 DESCRIPTION: IBM Cognos Analytics is vulnerable to content spoofing when an attacker familiar with CA can convince a user to click on a malicious link. CVSS Base Score:...

4.3CVSS1AI score0.0031EPSS

Exploits1Affected Software1

CVE•added 2018/03/22 12:0 p.m.•44 views

CVE-2016-9711

CVE-2016-9711 affects IBM Cognos Analytics 11.0 (Predictive Solutions Foundation). The issue is an information-disclosure vulnerability where detailed error messages reveal sensitive information about the application and database, potentially aiding an attacker in further attacks. IBM’s bulletin ...

5.3CVSS5.8AI score0.00191EPSS

Exploits0References3Affected Software1

Prion•added 2018/01/29 4:29 p.m.•22 views

Authentication flaw

IBM Cognos Analytics 11.0 could allow a local user to change parameters set from the Cognos Analytics menus without proper authentication. IBM X-Force ID: 136857...

2.1CVSS4AI score0.00086EPSS

Exploits0References6Affected Software1

OSV•added 2018/01/29 4:29 p.m.•1 views

CVE-2017-1779

IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a local user. IBM X-Force ID: 136824...

7.8CVSS5.8AI score0.00103EPSS

Exploits0References6

CNVD•added 2017/08/30 12:0 a.m.•1 views

IBM Cognos Analytics Cross-Site Scripting Vulnerability (CNVD-2017-25503)

IBM Cognos Analytics formerly known as Cognos BI is a suite of business intelligence software from the American company IBM. The software includes reports, dashboards and scorecards, and can assist companies in adjusting their decisions by analyzing key factors and key stakeholders. A cross-site...

5.4CVSS5.8AI score0.00269EPSS

Exploits0References1

OSV•added 2017/08/29 9:29 p.m.•0 views

CVE-2017-1428

IBM Cognos Analytics 11.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim...

6.1CVSS5.8AI score0.00257EPSS

Exploits0References4

OSV•added 2017/04/05 6:59 p.m.•2 views

CVE-2016-3015

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference : 1998887...

5.4CVSS5.4AI score

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by