Security Bulletin: Privilege Escalation vulnerability affects Cognos Analytics (CVE-2016-8960)

Summary Cognos Analytics is vulnerable to a privilege escalation attack that could grant a user the Capabilities of another. Vulnerability Details CVEID: CVE-2016-8960 DESCRIPTION: IBM Cognos Business Intelligence could allow a user with lower privilege Capabilities to adopt the Capabilities of a...

Security Bulletin: Privilege Escalation vulnerability affects Cognos Business Intelligence (CVE-2016-8960)

Summary Cognos Business Intelligence is vulnerable to a privilege escalation attack that could grant a user the Capabilities of another. Vulnerability Details CVEID: CVE-2016-8960 DESCRIPTION: IBM Cognos Business Intelligence could allow a user with lower privilege Capabilities to adopt the...

CVE-2016-8960

The CVE-2016-8960 issue affects IBM Cognos products and describes a privilege-escalation flaw where a user with lower capabilities can adopt a higher-privilege set by intercepting and reusing a higher-privilege cookie in HTTP requests. Connected IBM bulletins specify affected ranges: Cognos Analy...