Cognos Analytics Security Vulnerabilities and Issues — Cognos Analytics CVE List

Lucene search

IbmCognos Analytics

6 matches found

CVE•added 2018/05/07 1:29 p.m.•64 views

CVE-2018-1413

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138819.

5.4CVSS6.2AI score0.00673EPSS

CVE•added 2018/11/09 1:29 a.m.•56 views

CVE-2018-1842

IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token. IBM X-Force ID: 150902.

3.6CVSS5.1AI score0.00084EPSS

CVE•added 2018/01/29 4:29 p.m.•48 views

CVE-2017-1779

IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a local user. IBM X-Force ID: 136824.

7.8CVSS7.2AI score0.00103EPSS

CVE•added 2018/01/29 4:29 p.m.•46 views

CVE-2017-1784

IBM Cognos Analytics 11.0 could produce results in temporary files that contain highly sensitive information that can be read by a local user. IBM X-Force ID: 136858.

5.5CVSS5.4AI score0.00153EPSS

CVE•added 2018/01/29 4:29 p.m.•41 views

CVE-2017-1783

IBM Cognos Analytics 11.0 could allow a local user to change parameters set from the Cognos Analytics menus without proper authentication. IBM X-Force ID: 136857.

4CVSS4.7AI score0.00086EPSS

CVE•added 2018/03/22 12:29 p.m.•38 views

CVE-2016-9711

IBM Predictive Solutions Foundation (IBM Cognos Analytics 11.0) reveals sensitive information in detailed error messages that could aid an attacker in further attacks against the system. IBM X-Force ID: 119619.

5.3CVSS5.8AI score0.00191EPSS