IBM Cognos Analytics 11.0 and 11.1 DQM API allows submitting of all control requests in unauthenticated sessions. This allows a remote attacker who can access a valid CA endpoint to read and write files to the Cognos Analytics system. IBM X-Force ID: 183903.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HIBM Cognos Analytics
APPIbm11.0.011.1.0Netapp Oncommand Insight
APPNetappwszystkie wersje
Powiązane podatności
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features u...
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5....
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 ...
IBM Cognos Analytics — podatność Expression Language Injection (EL Injection)
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass a...