Vulnerabilities > IBM > Cognos Analytics > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-05-07 CVE-2018-1413 Cross-site Scripting vulnerability in multiple products
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting.
network
low complexity
ibm netapp CWE-79
5.4
2018-03-22 CVE-2016-9711 Information Exposure vulnerability in IBM Cognos Analytics 11.0.0
IBM Predictive Solutions Foundation (IBM Cognos Analytics 11.0) reveals sensitive information in detailed error messages that could aid an attacker in further attacks against the system.
network
low complexity
ibm CWE-200
5.3
2018-01-29 CVE-2017-1784 Information Exposure vulnerability in multiple products
IBM Cognos Analytics 11.0 could produce results in temporary files that contain highly sensitive information that can be read by a local user.
local
low complexity
ibm netapp CWE-200
5.5
2018-01-29 CVE-2017-1783 Improper Authentication vulnerability in multiple products
IBM Cognos Analytics 11.0 could allow a local user to change parameters set from the Cognos Analytics menus without proper authentication.
local
low complexity
ibm netapp CWE-287
4.0
2017-08-29 CVE-2017-1535 Cross-site Scripting vulnerability in IBM Cognos Analytics
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-08-29 CVE-2017-1485 Cross-site Scripting vulnerability in IBM Cognos Analytics
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-08-29 CVE-2017-1428 Improper Input Validation vulnerability in IBM Cognos Analytics
IBM Cognos Analytics 11.0 could allow a remote attacker to hijack the clicking action of the victim.
network
low complexity
ibm CWE-20
6.1
2017-08-29 CVE-2017-1427 Cross-site Scripting vulnerability in IBM Cognos Analytics
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
2017-05-10 CVE-2016-3032 Cross-site Scripting vulnerability in IBM Cognos Analytics
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-04-05 CVE-2016-3031 Cross-site Scripting vulnerability in IBM Cognos Analytics
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4