Lucene search
K

42 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/11/28 7:30 p.m.87 views

Security Bulletin: Multiple vulnerabilities in IBM Cognos BI 8.4.1,10.1, 10.1.1 and 10.2 (CVE-2011-3026, CVE-2011-4858, CVE-2012-0498, CVE-2012-2177, CVE-2012-2193, CVE-2012-4835, CVE-2012-4836, CVE-2012-4837, CVE-2012-4840, CVE-2012-4858, CVE-2012-5081)

Summary Several security vulnerabilities have been identified in IBM Cognos BI which may allowing remote attackers to: - Cause a denial of service condition via excessive CPU consumption, - Inject arbitrary JavaScript code into the victim's web browser, - Download arbitrary XML files from the...

10CVSS9.8AI score0.80318EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 11:13 p.m.22 views

Security Bulletin: IBM Cognos BI 8.4 Partial Denial of Service Vulnerability

Abstract A malicious IBM Cognos BI 8.4 user is able to send a crafted request to the Cognos server which triggers high CPU utilization that may cause a partial denial of service condition due to CPU consumption. This vulnerability can only be exploited by authenticated users, and is not applicabl...

4CVSS1.9AI score0.00973EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/03/19 5:19 a.m.36 views

Security Bulletin: Information Disclosure in Cognos Business Intelligence (Cognos BI) shipped with Tivoli Common Reporting (CVE-2019-1547, CVE-2019-1549, CVE-2019-1563)

Summary IBM Tivoli Common Reporting TCR interim fixes address Security Vulnerabilities CVE-2019-1547, CVE-2019-1549, CVE-2019-1563 Vulnerability Details CVEID: CVE-2019-1547 DESCRIPTION: OpenSSL could allow a local authenticated attacker to obtain sensitive information, caused by the ability to...

5.3CVSS0.4AI score0.06232EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/19 9:1 p.m.53 views

Security Bulletin: IBM Cognos Business Intelligence has addressed multiple vulnerabilties

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 used by IBM Cognos Business Intelligence. These issues were disclosed as part of the IBM Java SDK updates in October 2018, January 2019, April 2019, July 2019 and October 2019. IBM Cognos Business Intelligence...

9.8CVSS0.7AI score0.94494EPSS
Exploits17Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 2:55 p.m.18 views

Security Bulletin: COGNOS DIRECT INTEGRATION ACCESS REMAINS OPEN AFTER CLOSING MAXIMO SESSION (CVE-2014-6102)

Summary IBM Maximo Asset Management could allow a user to access Cognos BI even after the Maximo session is closed. Vulnerability Details CVE-ID: CVE-2014-6102 DESCRIPTION: IBM Maximo Asset Management could allow a local user to bypass security on another user's Maximo session due to it improperl...

2.1CVSS0.3AI score0.00486EPSS
Exploits0Affected Software12
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:28 a.m.12 views

Security Bulletin: Security vulnerabilities in IBM WebSphere Application Server affects Rational Insight (CVE-2017-1681)

Summary The Rational Insight is shipped with a version of the IBM WebSphere Application Server which contains a security vulnerability that could have a potential security impact. Vulnerability Details CVEID: CVE-2017-1681 DESCRIPTION: IBM WebSphere Application Server IBM Liberty for Java for...

3.3CVSS0.9AI score0.0035EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:22 a.m.45 views

Security Bulletin: Vulnerabilities in OpenSSL affect Rational Reporting for Development Intelligence

Summary OpenSSL vulnerabilities were disclosed on January 26, 2017 by the OpenSSL Project. OpenSSL is used by Rational Reporting for Development Intelligence RRDI. RRDI has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-3730 DESCRIPTION: OpenSSL is vulnerable to a denial of...

7.5CVSS0.6AI score0.57595EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:20 a.m.35 views

Security Bulletin: Security vulnerabilities in Apache Tomcat affect Rational Insight

Summary The Rational Insight is shipped with a version of the Apache Tomcat web server which contains security vulnerabilities that could have a potential security impact. Vulnerability Details CVEID: CVE-2016-0762 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain sensitive...

9.1CVSS0.4AI score0.10303EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:20 a.m.50 views

Security Bulletin: Security vulnerabilities in Apache Tomcat affect Rational Reporting for Development Intelligence

Summary The Rational Reporting for Development Intelligence RRDI is shipped with a version of the Apache Tomcat web server which contains security vulnerabilities that could have a potential security impact. Vulnerability Details CVEID: CVE-2016-0762 DESCRIPTION: Apache Tomcat could allow a remot...

9.1CVSS0.3AI score0.10303EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:19 a.m.37 views

Security Bulletin: Security vulnerabilities in Apache Tomcat affect Rational Reporting for Development Intelligence (CVE-2016-6816, CVE-2016-8735)

Summary The Rational Reporting for Development Intelligence RRDI is shipped with a version of the Apache Tomcat web server which contains security vulnerabilities that could have a potential security impact. Vulnerability Details CVEID: CVE-2016-6816 DESCRIPTION: Apache Tomcat is vulnerable to HT...

9.8CVSS0.9AI score0.90338EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:19 a.m.65 views

Security Bulletin: Security vulnerabilities in Apache Tomcat affect Rational Insight (CVE-2016-6816, CVE-2016-8735)

Summary The Rational Insight is shipped with a version of the Apache Tomcat web server which contains security vulnerabilities that could have a potential security impact. Vulnerability Details CVEID: CVE-2016-6816 DESCRIPTION: Apache Tomcat is vulnerable to HTTP response splitting attacks, cause...

9.8CVSS0.6AI score0.90338EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:14 a.m.35 views

Security Bulletin: A vulnerability in Apache Tomcat affects Rational Reporting for Development Intelligence (CVE-2015-5174)

Summary The Rational Reporting for Development Intelligence RRDI is shipped with a version of the Apache Tomcat web server which contains a security vulnerability that could have a potential security impact. Vulnerability Details CVEID: CVE-2015-5174 DESCRIPTION: Apache Tomcat could allow a remot...

8.8CVSS0.5AI score0.1838EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:13 a.m.58 views

Security Bulletin: A vulnerability in IBM Java SDK affects Rational Insight (CVE-2016-3427)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 6 that is used by Rational Insight. The issue was disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details CVEID: CVE-2016-3427 DESCRIPTION: An unspecified vulnerability related to the JMX...

10CVSS0.7AI score0.92334EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:13 a.m.30 views

Security Bulletin: A vulnerability in IBM Java SDK affects Rational Reporting for Development Intelligence (CVE-2016-3427)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 6 that is used by Rational Reporting for Development Intelligence RRDI. The issue was disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details CVEID: CVE-2016-3427 DESCRIPTION: An unspecified...

10CVSS0.7AI score0.92334EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:7 a.m.36 views

Security Bulletin: Vulnerability in Apache Commons affects Rational Insight (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by Jazz Team Server and Cognos Business Intelligence Cognos BI shipped with Rational Insight. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a...

10CVSS1AI score0.97655EPSS
Exploits10Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:3 a.m.124 views

Security Bulletin: Vulnerability in Diffie-Hellman cipher affects Rational Insight (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects Jazz Team Server and Cognos Business Intelligence Cognos BI shipped with Rational Insight. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker ...

4.3CVSS0.4AI score0.9986EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 11:17 p.m.48 views

Security Bulletin: IBM Cognos Business Intelligence Server 2017Q1 Security Updater : IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities.

Summary This bulletin addresses several security vulnerabilities. IBM Cognos Business Intelligence has addressed a vulnerability where sensitive information can be revealed in its logs files. There is a vulnerabilitiy in IBM® WebSphere Application Server Liberty. Liberty is used by IBM Cognos...

9.8CVSS1AI score0.90338EPSS
Exploits12Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 11:15 p.m.34 views

Security Bulletin: IBM Cognos Business Intelligence Server 2016Q1 Security Updater : IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities.

Summary This bulletin addresses several security vulnerabilities. There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 and the IBM® Runtime Environment Java™ Technology Edition, Version 7 that are used by IBM Cognos Business Intelligence. These issues...

7.1CVSS7.9AI score0.0721EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 11:13 p.m.37 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Cognos Business Intelligence (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Cognos Business Intelligence Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to...

4.3CVSS0.8AI score0.9986EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 11:13 p.m.35 views

Security Bulletin: IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities (CVE-2014-3566, CVE-2014-6145, CVE-2014-1568, CVE-2014-4263, CVE-2012-5784, CVE-2014-3513, CVE-2014-3567 and CVE-2014-3568).

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition that is used by IBM Cognos Business Intelligence. These issues were disclosed as part of the IBM Java SDK updates in July 2014. OpenSSL vulnerabilities along with SSL 3 Fallback protection...

7.5CVSS1.1AI score0.99999EPSS
Exploits8Affected Software1
Rows per page
Query Builder