3 matches found
Security Bulletin: IBM Sterling Control Center vulnerable to arbitrary file upload and sensitive information exposure due to IBM Cognos Analytics (CVE-2021-38945, CVE-2021-29768)
Summary IBM Cognos Analytics is shipped with IBM Sterling Control Center. To address multiple vulnerabilities, IBM Sterling Control Center now includes IBM Cognos Analytics 11.1.7.5. Vulnerability Details CVEID:CVE-2021-38945 DESCRIPTION: IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 could allo...
CVE-2021-38945
Summary of CVE-2021-38945 (IBM Cognos Analytics) Affects IBM Cognos Analytics versions 11.2.1, 11.2.0 and 11.1.7 (shipped with IBM Sterling Control Center) where a remote attacker could upload arbitrary files due to improper content validation on uploads. This is the root cause: lack of proper va...
CVE-2021-38945
IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 could allow a remote attacker to upload arbitrary files, caused by improper content validation. IBM X-Force ID: 211238...