IBM Cognos Business Intelligence CVE-2012-4858 Remote Command Execution Vulnerability
BID:58273
Info
IBM Cognos Business Intelligence CVE-2012-4858 Remote Command Execution Vulnerability
| Bugtraq ID: | 58273 |
| Class: | Input Validation Error |
| CVE: |
CVE-2012-4858 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 27 2013 12:00AM |
| Updated: | Feb 27 2013 12:00AM |
| Credit: | Reported by the vendor. |
| Vulnerable: |
IBM Cognos Business Intelligence 10.1.1 IBM Cognos Business Intelligence 8.4.1 IBM Cognos Business Intelligence 10.2 IBM Cognos Business Intelligence 10.1 |
| Not Vulnerable: | |
Discussion
IBM Cognos Business Intelligence CVE-2012-4858 Remote Command Execution Vulnerability
IBM Cognos Business Intelligence is prone to a remote command-execution vulnerability because the application fails to sufficiently sanitize input data.
An attacker may leverage this issue to execute arbitrary commands in the context of the affected application.
IBM Cognos Business Intelligence 10.1, 10.1.1, 10.2, and 8.4.1 are vulnerable.
IBM Cognos Business Intelligence is prone to a remote command-execution vulnerability because the application fails to sufficiently sanitize input data.
An attacker may leverage this issue to execute arbitrary commands in the context of the affected application.
IBM Cognos Business Intelligence 10.1, 10.1.1, 10.2, and 8.4.1 are vulnerable.
Solution / Fix
IBM Cognos Business Intelligence CVE-2012-4858 Remote Command Execution Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
IBM Cognos Business Intelligence CVE-2012-4858 Remote Command Execution Vulnerability
References:
References: