2 matches found
Security Bulletin: IBM Cognos Controller is vulnerable to privilege escalation (CVE-2020-4685)
Summary IBM Cognos Controller is vulnerable to privilege escalation. This has been addressed. Vulnerability Details CVEID: CVE-2020-4685 DESCRIPTION: A low level user of Cognos Controller who has Administration rights to the server where the application is installed, can escalate their privilege...
CVE-2020-4685
IBM Cognos Controller is affected by CVE-2020-4685. A low-level user with server admin rights on IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, 10.4.1, or 10.4.2 can escalate to Super Admin and create/update/delete any user. The IBM Security Bulletin cites a base CVSS v3 score of 8.0 (HIGH) with n...