Cognos Analytics Security Vulnerabilities and Issues — Cognos Analytics CVE List

Lucene search

IbmCognos Analytics

3 matches found

CVE•added 2025/02/05 11:15 a.m.•51 views

CVE-2024-49352

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resou...

7.1CVSS6.8AI score0.00387EPSS

CVE•added 2025/02/28 3:15 a.m.•47 views

CVE-2025-0823

IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 and 12.0.0 through 12.0.4 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.

6.5CVSS6.4AI score0.00077EPSS

CVE•added 2025/02/28 3:15 a.m.•42 views

CVE-2024-56340

IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 is vulnerable to local file inclusion vulnerability, allowing an attacker to access sensitive files by inserting path traversal payloads inside the deficon parameter.

6.5CVSS6.6AI score0.00537EPSS