Cognos Analytics@11.1.7 Security Vulnerabilities and Issues — Cognos Analytics@11.1.7 CVE List

Lucene search

IbmCognos Analytics11.1.7

5 matches found

CVE•added 2024/02/26 4:27 p.m.•131 views

CVE-2022-34357

IBM Cognos Analytics Mobile Server 11.1.7, 11.2.4, and 12.0.0 is vulnerable to Denial of Service due to due to weak or absence of rate limiting. By making unlimited http requests, it is possible for a single user to exhaust server resources over a period of time making service unavailable for other...

6.5CVSS6.3AI score0.00094EPSS

CVE•added 2024/02/26 4:27 p.m.•93 views

CVE-2023-32344

IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path. IBM X-Force ID: 255898.

4.3CVSS4.5AI score0.00043EPSS

CVE•added 2024/02/26 4:27 p.m.•90 views

CVE-2023-30996

IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to unverified sources in messages sent between Windows objects of different origins. IBM X-Force ID: 254290.

5.3CVSS5AI score0.00096EPSS

CVE•added 2024/02/26 4:27 p.m.•88 views

CVE-2023-43051

IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 26...

5.4CVSS5.2AI score0.00135EPSS

CVE•added 2024/02/26 4:27 p.m.•86 views

CVE-2023-38359

6.1CVSS5.8AI score0.00114EPSS