VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
IBM
>
Cognos Analytics
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2022-04-22
CVE-2021-38905
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could allow an authenticated user to view report pages that they should not have access to.
network
low complexity
ibm
netapp
4.3
4.3
2022-04-22
CVE-2021-38946
Cross-site Scripting vulnerability in multiple products
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to cross-site scripting.
network
low complexity
ibm
netapp
CWE-79
5.4
5.4
2021-12-03
CVE-2021-20493
Cross-site Scripting vulnerability in multiple products
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site scripting.
network
low complexity
ibm
netapp
CWE-79
6.1
6.1
2021-12-03
CVE-2021-29716
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow a low level user to reas of the application that privileged user should only be allowed to view.
network
low complexity
ibm
netapp
6.5
6.5
2021-12-03
CVE-2021-29719
IBM Cognos Analytics 11.1.7 and 11.2.0 could be vulnerable to client side vulnerabilties due to a web response specifying an incorrect content type.
network
low complexity
ibm
netapp
5.3
5.3
2021-12-03
CVE-2021-29867
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated to view or edit a Jupyter notebook that they should not have access to.
network
low complexity
ibm
netapp
5.4
5.4
2021-12-03
CVE-2021-38909
Cross-site Scripting vulnerability in multiple products
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site scripting.
network
low complexity
ibm
netapp
CWE-79
5.4
5.4
2021-06-30
CVE-2021-20461
Exposure of Resource to Wrong Sphere vulnerability in multiple products
IBM Cognos Analytics 10.0 and 11.1 is susceptible to a weakness in the implementation of the System Appearance configuration setting.
network
low complexity
ibm
netapp
CWE-668
6.5
6.5
2021-06-01
CVE-2019-4471
Missing Encryption of Sensitive Data vulnerability in multiple products
IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for a sensitive cookie in an HTTPS session.
network
low complexity
ibm
netapp
CWE-311
6.5
6.5
2021-06-01
CVE-2019-4653
Cross-site Scripting vulnerability in multiple products
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting.
network
low complexity
ibm
netapp
CWE-79
5.4
5.4
«
Previous
1
2
3
4
(current)
5
6
7
»
Next