Описание
IBM Cognos Analytics 10.0 and 11.1 is susceptible to a weakness in the implementation of the System Appearance configuration setting. An attacker could potentially bypass business logic to modify the appearance and behavior of the application. IBM X-Force ID: 196770.
Ссылки
- VDB EntryVendor Advisory
- Third Party Advisory
- Vendor Advisory
- VDB EntryVendor Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 11.0.0 (включая) до 11.0.13 (исключая)Версия от 11.1.0 (включая) до 11.1.7 (исключая)
Одно из
cpe:2.3:a:ibm:cognos_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.0.13:-:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.0.13:fixpack1:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.0.13:fixpack2:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.0.13:fixpack3:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.1.7:-:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.1.7:fixpack1:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.1.7:fixpack2:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.00193
Низкий
4.3 Medium
CVSS3
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-668
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
IBM Cognos Analytics 10.0 and 11.1 is susceptible to a weakness in the implementation of the System Appearance configuration setting. An attacker could potentially bypass business logic to modify the appearance and behavior of the application. IBM X-Force ID: 196770.
EPSS
Процентиль: 41%
0.00193
Низкий
4.3 Medium
CVSS3
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-668