2 matches found
Security Bulletin: Multiple vulnerabilities in IBM Cognos Express (CVE-2013-5443, CVE-2013-5445, CVE-2013-5444, CVE-2013-2407, CVE-2013-2450, CVE-2013-0169, CVE-2013-1478, CVE-2013-1480)
Summary A number of security vulnerabilities in IBM Cognos Express have been identified and addressed in a software update. Vulnerability Details CVE ID: CVE-2013-5443 DESCRIPTION: A Cross Site Request Forgery CSRF vulnerability in IBM Cognos Express allows an attacker that is able to trick an...
CVE-2013-5444
CVE-2013-5444 affects IBM Cognos Express 9.0/9.5/10.1 before IFIX 2 and 10.2.1 before FP1. The vulnerability stems from using a static key for encryption, enabling remote attackers to read encrypted credentials via unspecified vectors. IBM’s security bulletin lists remediation by applying fixes i...