Описание
IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 is vulnerable to local file inclusion vulnerability, allowing an attacker to access sensitive files by inserting path traversal payloads inside the deficon parameter.
Уязвимые конфигурации
Конфигурация 1Версия от 11.2.0 (включая) до 11.2.4 (исключая)Версия от 12.0.0 (включая) до 12.0.4 (исключая)
Одно из
cpe:2.3:a:ibm:cognos_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.2.4:-:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.2.4:fixpack1:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.2.4:fixpack2:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.2.4:fixpack3:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.2.4:fixpack4:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.2.4:fixpack5:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:12.0.4:-:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:12.0.4:interim_fix_1:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.01841
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-23
Связанные уязвимости
CVSS3: 6.5
github
11 месяцев назад
IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 is vulnerable to local file inclusion vulnerability, allowing an attacker to access sensitive files by inserting path traversal payloads inside the deficon parameter.
EPSS
Процентиль: 83%
0.01841
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-23