Vulnerabilities > CVE-2019-4176 - Unspecified vulnerability in IBM Cognos Controller

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

ibm

NVD

Published: 2019-06-17

Updated: 2023-01-30

Summary

IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 could allow a remote attacker to bypass security restrictions, caused by an error related to insecure HTTP Methods. An attacker could exploit this vulnerability to gain access to the system. IBM X-Force ID: 158881.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Cognos Controller 10.2.1 IBM Cognos Controller 10.3.0 IBM Cognos Controller 10.3.1 IBM Cognos Controller 10.4.0 IBM Cognos Controller 10.2.0	5

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/158881
http://www.ibm.com/support/docview.wss?uid=ibm10886913