Описание
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 159356.
Ссылки
- VDB EntryVendor Advisory
- Third Party Advisory
- PatchVendor Advisory
- VDB EntryVendor Advisory
- Third Party Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 11.0.0 (включая) до 11.0.12 (включая)Версия от 11.1.0 (включая) до 11.1.4.0 (исключая)
Одно из
cpe:2.3:a:ibm:cognos_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.0.13:-:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.0.13:fixpack1:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.0.13:fixpack2:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
EPSS
Процентиль: 39%
0.00177
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 4.3
github
больше 3 лет назад
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 159356.
EPSS
Процентиль: 39%
0.00177
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352