2 matches found
Security Bulletin: Multiple vulnerabilities in IBM Cognos Express (CVE-2013-5443, CVE-2013-5445, CVE-2013-5444, CVE-2013-2407, CVE-2013-2450, CVE-2013-0169, CVE-2013-1478, CVE-2013-1480)
Summary A number of security vulnerabilities in IBM Cognos Express have been identified and addressed in a software update. Vulnerability Details CVE ID: CVE-2013-5443 DESCRIPTION: A Cross Site Request Forgery CSRF vulnerability in IBM Cognos Express allows an attacker that is able to trick an...
CVE-2013-5443
CVE-2013-5443 is a CSRF vulnerability in IBM Cognos Express that can allow an attacker to hijack the authentication of an authenticated user. Affected versions include Cognos Express 9.0, 9.5, 10.1 (all before their IFIX 2) and 10.2.1 before FP1. The IBM Security Bulletin lists remediation by app...