2 matches found
CVE-2020-4302
CVE-2020-4302 affects IBM Cognos Analytics 11.0 and 11.1 and is due to a CSV injection that could allow a remote attacker to execute arbitrary code by convincing a user to open a specially crafted Excel file. The NVD entry lists a high impact (C/H/I/A) with CVSS v3.1 score 7.8 (LOCAL attack vecto...
Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities
Summary Security vulnerabilities have been addressed in IBM Cognos Analytics. Vulnerability Details CVEID: CVE-2020-1747 DESCRIPTION: PyYAML could allow a remote attacker to execute arbitrary code on the system, caused by an error when processing untrusted YAML files through the fullload method o...