QID 376222

Date Published: 2022-02-02

QID 376222: IBM Cognos Analytics Apache Log4j Vulnerability (6528388)

IBM Cognos Analytics offers guided, self-service capabilities designed to solve problems and seize new opportunities quickly.

Affected Versions:
IBM Cognos Analytics 11.2.x
IBM Cognos Analytics 11.1.x
IBM Cognos Analytics 11.0.6 to 11.0.13 FP4

By sending a specially crafted code string, an attacker could exploit this vulnerability to load arbitrary Java code on the server and take complete control of the system.

  • CVSS V3 rated as Critical - 10 severity.
  • CVSS V2 rated as Critical - 9.3 severity.
  • Solution
    Further information can be obtained from IBM
    Vendor References

    CVEs related to QID 376222

    Software Advisories
    Advisory ID Software Component Link
    6528388 URL Logo www.ibm.com/support/pages/node/6528388