Cognos Controller@10.4.1 Security Vulnerabilities and Issues — Cognos Controller@10.4.1 CVE List

Lucene search

IbmCognos Controller10.4.1

4 matches found

CVE•added 2019/11/09 2:15 a.m.•164 views

CVE-2019-4412

IBM Cognos Controller stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 162659.

5.3CVSS5AI score0.00284EPSS

CVE•added 2019/11/09 2:15 a.m.•142 views

CVE-2019-4411

IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 could allow an authenticated user to obtain sensitive information due to easy to guess session identifier names. IBM X-Force ID: 162658.

4.3CVSS4.5AI score0.00222EPSS

CVE•added 2019/09/17 7:15 p.m.•81 views

CVE-2019-4171

IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 158876.

4.3CVSS4.5AI score0.00103EPSS

CVE•added 2019/09/17 7:15 p.m.•70 views

CVE-2019-4175

IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158880.

7.5CVSS7.2AI score0.00112EPSS