Описание
IBM Cognos Analytics 10.1 and 10.2 could allow a local user to craft a URL which could confirm the existence of and expose postial contents of a file. IBM X-Force ID: 121340.
Ссылки
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- VDB EntryVendor Advisory
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- VDB EntryVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:cognos_business_intelligence_server:10.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_business_intelligence_server:10.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_business_intelligence_server:10.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_business_intelligence_server:10.2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_business_intelligence_server:10.2.2:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00054
Низкий
3.3 Low
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 3.3
github
больше 3 лет назад
IBM Cognos Analytics 10.1 and 10.2 could allow a local user to craft a URL which could confirm the existence of and expose postial contents of a file. IBM X-Force ID: 121340.
EPSS
Процентиль: 17%
0.00054
Низкий
3.3 Low
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-200