5 matches found
CVE-2024-40703
IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and IBM Cognos Analytics Reports for iOS 11.0.0.7 could allow a local attacker to obtain sensitive information in the form of an API key. An attacker could use this information to launch further attacks...
Security Bulletin: IBM Cognos Analytics Reports mobile client application (iOS) is vulnerable to unauthorized attacks due to an exposed API key (CVE-2024-40703)
Summary An exposed API key in IBM Cognos Analytics could allow an unauthorized attacker to send unsolicited push notification alerts to IBM Cognos Analytics Reports mobile client applications. IBM Cognos Analytics has addressed the applicable CVE by revoking the exposed API key. Revocation of thi...
CVE-2024-40703 IBM Cognos Analytics information disclosure
IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and IBM Cognos Analytics Reports for iOS 11.0.0.7 could allow a local attacker to obtain sensitive information in the form of an API key. An attacker could use this information to launch further attacks...
CVE-2024-40703 IBM Cognos Analytics information disclosure
IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and IBM Cognos Analytics Reports for iOS 11.0.0.7 could allow a local attacker to obtain sensitive information in the form of an API key. An attacker could use this information to launch further attacks...
Security Bulletin: IBM Cognos Analytics is vulnerable to unauthorized attacks due to an exposed API key (CVE-2024-40703)
Summary An exposed API key in IBM Cognos Analytics could allow an unauthorized attacker to send unsolicited push notification alerts to IBM Cognos Analytics Mobile client applications. IBM Cognos Analytics has addressed the applicable CVE by revoking the exposed API key. Revocation of this API ke...