Known Vulnerabilities for Cognos Analytics by Ibm
Listed below are 10 of the newest known vulnerabilities associated with "Cognos Analytics" by "Ibm".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-35011 json | IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to server-side request forgery (SSRF). This may allow an authen... | 5.4 - MEDIUM | 2023-08-16 | 2023-09-21 |
| CVE-2023-35009 json | IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a remote attacker to obtain system information without authentica... | 5.3 - MEDIUM | 2023-08-16 | 2023-08-31 |
| CVE-2023-28530 json | IBM Cognos Analytics 11.1 and 11.2 is vulnerable to stored cross-site scripting, caused by improper validation of SVG Files i... | 5.4 - MEDIUM | 2023-07-22 | 2023-08-14 |
| CVE-2023-25929 json | IBM Cognos Analytics 11.1 and 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary ... | 5.4 - MEDIUM | 2023-07-22 | 2023-08-14 |
| CVE-2022-43887 json | IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could be vulnerable to sensitive information exposure by passing API keys to ... | 5.3 - MEDIUM | 2022-12-19 | 2023-11-07 |
| CVE-2022-43883 json | IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could be vulnerable to a Log Injection attack by constructing URLs from user-... | 7.5 - HIGH | 2022-12-19 | 2023-11-07 |
| CVE-2022-39160 json | IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 is vulnerable to cross-site scripting. This vulnerability allows users to emb... | 6.1 - MEDIUM | 2022-12-19 | 2023-11-07 |
| CVE-2022-38708 json | IBM Cognos Analytics 11.1.7 11.2.0, and 11.2.1 could be vulnerable to a Server-Side Request Forgery Attack (SSRF) attack by c... | 9.1 - CRITICAL | 2022-12-19 | 2023-11-07 |
| CVE-2022-36773 json | IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to an XML External Entity Injection (XXE) attack when processin... | 8.1 - HIGH | 2022-09-01 | 2022-11-03 |
| CVE-2022-34339 json | "IBM Cognos Analytics 11.2.1, 11.2.0, 11.1.7 stores user credentials in plain clear text which can be read by an authenticate... | 6.5 - MEDIUM | 2022-11-03 | 2022-11-04 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ibm | Cognos Analytics | 11.1.7 | |||
| Application | Ibm | Cognos Analytics | 11.1.6 | |||
| Application | Ibm | Cognos Analytics | 11.1.5 | |||
| Application | Ibm | Cognos Analytics | 11.1.4 | |||
| Application | Ibm | Cognos Analytics | 11.1.3 | |||
| Application | Ibm | Cognos Analytics | 11.1.2 | |||
| Application | Ibm | Cognos Analytics | 11.1.1 | |||
| Application | Ibm | Cognos Analytics | 11.1.0 | |||
| Application | Ibm | Cognos Analytics | 11.0.9 | |||
| Application | Ibm | Cognos Analytics | 11.0.8 | |||
| Application | Ibm | Cognos Analytics | 11.0.7.0 | |||
| Application | Ibm | Cognos Analytics | 11.0.7 | |||
| Application | Ibm | Cognos Analytics | 11.0.6.0 | |||
| Application | Ibm | Cognos Analytics | 11.0.6 | |||
| Application | Ibm | Cognos Analytics | 11.0.5.0 | |||
| Application | Ibm | Cognos Analytics | 11.0.5 | |||
| Application | Ibm | Cognos Analytics | 11.0.4.0 | |||
| Application | Ibm | Cognos Analytics | 11.0.4 | |||
| Application | Ibm | Cognos Analytics | 11.0.3.0 | |||
| Application | Ibm | Cognos Analytics | 11.0.3 |