Vulnerabilities > IBM > Cognos Analytics > 11.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-09 | CVE-2019-4645 | Cross-site Scripting vulnerability in IBM Cognos Analytics 11.0.0/11.1.0 IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. | 6.1 |
| 2019-11-09 | CVE-2019-4334 | Unspecified vulnerability in IBM Cognos Analytics 11.0.0/11.1.0 IBM Cognos Analytics 11.0 and 11.1 could reveal sensitive information to an authenticated user that could be used in future attacks against the system. | 4.3 |
| 2019-11-09 | CVE-2018-1721 | XML Injection (aka Blind XPath Injection) vulnerability in IBM Cognos Analytics 11.0.0/11.1.0 IBM Cognos Analytics 11.0 and 11.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. | 8.8 |
| 2019-09-17 | CVE-2019-4342 | Cross-site Scripting vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. | 5.4 |
| 2019-09-17 | CVE-2019-4183 | Resource Exhaustion vulnerability in multiple products IBM Cognos Analytics 11.0, and 11.1 is vulnerable to a denial of service attack that could allow a remote user to send specially crafted requests that would consume all available CPU and memory resources. | 7.5 |
| 2019-05-29 | CVE-2019-4139 | Cross-site Scripting vulnerability in IBM Cognos Analytics 11.0.0/11.1.0/11.1.1 IBM Cognos Analytics 11.0, 11.1.0, and 11.1.1 is vulnerable to cross-site scripting. | 5.4 |
| 2018-03-22 | CVE-2016-9711 | Information Exposure vulnerability in IBM Cognos Analytics 11.0.0 IBM Predictive Solutions Foundation (IBM Cognos Analytics 11.0) reveals sensitive information in detailed error messages that could aid an attacker in further attacks against the system. | 5.3 |
| 2018-01-29 | CVE-2017-1784 | Information Exposure vulnerability in multiple products IBM Cognos Analytics 11.0 could produce results in temporary files that contain highly sensitive information that can be read by a local user. | 5.5 |
| 2018-01-29 | CVE-2017-1783 | Improper Authentication vulnerability in multiple products IBM Cognos Analytics 11.0 could allow a local user to change parameters set from the Cognos Analytics menus without proper authentication. | 4.0 |
| 2018-01-29 | CVE-2017-1779 | Insufficiently Protected Credentials vulnerability in multiple products IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a local user. | 7.8 |