87 matches found
CVE-2025-1494
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attack...
CVE-2025-1994 IBM Cognos Command Center code execution
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the BinaryFormatter function...
CVE-2025-1994
CVE-2025-1994 affects IBM Cognos Command Center versions 10.2.4.1 and 10.2.5. The root cause is unsafe use of the BinaryFormatter function, enabling a local user to execute arbitrary code on the system. Confirmed details from multiple sources indicate local code execution risk with high impact ac...
CVE-2025-1994 IBM Cognos Command Center code execution
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the BinaryFormatter function...
CVE-2025-2697 IBM Cognos Command Center HTTP Open Redirect
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to...
CVE-2025-2697
IBM Cognos Command Center versions 10.2.4.1 and 10.2.5 are affected by an open redirect vulnerability that can be exploited to spoof URLs and direct users to a malicious site, enabling phishing and potential data exposure. Remediation provided by IBM and vendor advisories is to upgrade to a fixed...
CVE-2025-2697 IBM Cognos Command Center HTTP Open Redirect
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to...
CVE-2025-1494 IBM Cognos Command Center clickjacking
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attack...
CVE-2025-1494
IBM Cognos Command Center versions 10.2.4.1 and 10.2.5 are affected by a clickjacking vulnerability (CWE-1021) that could allow a remote attacker to hijack a victim’s click actions by luring them to a malicious website. The CVE-2025-1494 vulnerability has CVSS v3.1: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:...
CVE-2025-1494 IBM Cognos Command Center clickjacking
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attack...
Security Bulletin: Multiple vulnerabilities in IBM Cognos Command Center
Summary There are vulnerabilities in IBM® Semeru Java™ used by IBM Cognos Command Center. Additionally, IBM Cognos Command Center is vulnerable to Open redirection, Clickjacking and Arbitary code execution vulnerabilities. This Security Bulletin relates only to the direct usage of third-party...
PT-2025-34792 · Ibm · Ibm Cognos Command Center
Name of the Vulnerable Software and Affected Versions: IBM Cognos Command Center versions 10.2.4.1 through 10.2.5 Description: IBM Cognos Command Center is susceptible to an open redirect attack, potentially enabling a remote attacker to conduct phishing attacks. A crafted website can be used to...
IBM Cognos Command Center 安全漏洞
IBM Cognos Command Center is a solution for automating business processes that simplifies operational complexity across multiple software environments by allowing users to view, execute and monitor automated processes through a single interface. A clickjacking vulnerability exists in IBM Cognos...
IBM Cognos Command Center 安全漏洞
IBM Cognos Command Center is a solution for automating business processes that simplifies operational complexity across multiple software environments by allowing users to view, execute and monitor automated processes through a single interface. A code execution vulnerability exists in IBM Cognos...
IBM Cognos Command Center 输入验证错误漏洞
IBM Cognos Command Center is a solution for automating business processes that simplifies operational complexity across multiple software environments by allowing users to view, execute and monitor automated processes through a single interface. A redirection vulnerability exists in IBM Cognos...
PT-2025-34791 · Ibm · Ibm Cognos Command Center
Name of the Vulnerable Software and Affected Versions: IBM Cognos Command Center versions 10.2.4.1 through 10.2.5 Description: IBM Cognos Command Center versions 10.2.4.1 and 10.2.5 may allow a local user to execute arbitrary code on the system due to the unsafe use of the BinaryFormatter functio...
PT-2025-34790 · Ibm · Ibm Cognos Command Center
Name of the Vulnerable Software and Affected Versions: IBM Cognos Command Center versions 10.2.4.1 through 10.2.5 Description: IBM Cognos Command Center versions 10.2.4.1 and 10.2.5 may allow a remote attacker to hijack a victim’s click actions. This can occur when a victim visits a malicious...
CVE-2022-38707
IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 234179...
CVE-2024-31899
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to an authenticated user with physical access to the device...
PT-2024-24273 · Ibm · Ibm Cognos Command Center
Name of the Vulnerable Software and Affected Versions: IBM Cognos Command Center versions 10.2.4.1 through 10.2.5 Description: The issue could disclose highly sensitive user information to an authenticated user with physical access to the device. Recommendations: For versions 10.2.4.1 and 10.2.5,...