CVE-2016-0398

Published on: 07/02/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:13 PM UTC

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Certain versions of Cognos Analytics from Ibm contain the following vulnerability:

IBM Cognos Analytics (CA) 11.0 before 11.0.2 allows remote attackers to conduct content-spoofing attacks via a crafted URL.

  • CVE-2016-0398 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as MEDIUM severity.

CVSS3 Score: 4.3 - MEDIUM

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE REQUIRED
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED NONE LOW NONE

CVSS2 Score: 4.3 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK MEDIUM NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
NONE PARTIAL NONE

CVE References

Description Tags Link
Security Bulletin: IBM Cognos Analytics : IBM Cognos Analytics is affected by CVE-2016-0398 Patch
Vendor Advisory
www-01.ibm.com
text/html
URL Logo CONFIRM www-01.ibm.com/support/docview.wss?uid=swg21977070

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationIbmCognos Analytics11.0.0AllAllAll
ApplicationIbmCognos Analytics11.0.0AllAllAll
  • cpe:2.3:a:ibm:cognos_analytics:11.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:cognos_analytics:11.0.0:*:*:*:*:*:*:*: