Known Vulnerabilities for Cognos Analytics by Ibm
Listed below are 10 of the newest known vulnerabilities associated with "Cognos Analytics" by "Ibm".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-29756 | IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site request forgery (CSRF) in the My Inbox page which could al... | 8.8 - HIGH | 2021-12-03 | 2022-01-04 |
| CVE-2021-29745 | IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to priviledge escalation where a lower evel user could have access to th... | 8.8 - HIGH | 2021-10-15 | 2022-07-12 |
| CVE-2021-29719 | IBM Cognos Analytics 11.1.7 and 11.2.0 could be vulnerable to client side vulnerabilties due to a web response specifying an ... | 5.3 - MEDIUM | 2021-12-03 | 2023-08-08 |
| CVE-2021-29716 | IBM Cognos Analytics 11.1.7 and 11.2.0 could allow a low level user to reas of the application that privileged user should on... | 6.5 - MEDIUM | 2021-12-03 | 2022-07-12 |
| CVE-2021-29679 | IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated user to execute code remotely due to incorrectly neutrali... | 8.8 - HIGH | 2021-10-15 | 2021-11-17 |
| CVE-2021-20493 | IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitr... | 6.1 - MEDIUM | 2021-12-03 | 2022-01-04 |
| CVE-2021-20470 | IBM Cognos Analytics 11.1.7 and 11.2.0 does not require that users should have strong passwords by default, which makes it ea... | 7.5 - HIGH | 2021-12-03 | 2022-01-04 |
| CVE-2021-20468 | IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to ... | 6.5 - MEDIUM | 2022-09-01 | 2022-11-03 |
| CVE-2021-20464 | IBM Cognos Analytics PowerPlay (IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7) could be vulnerable to an XML Bomb attack by... | 6.5 - MEDIUM | 2022-04-22 | 2022-06-03 |
| CVE-2021-20461 | IBM Cognos Analytics 10.0 and 11.1 is susceptible to a weakness in the implementation of the System Appearance configuration ... | 6.5 - MEDIUM | 2021-06-30 | 2022-07-12 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ibm | Cognos Analytics | 11.1.7 | All | All | All |
| Application | Ibm | Cognos Analytics | 11.1.6 | All | All | All |
| Application | Ibm | Cognos Analytics | 11.1.5 | All | All | All |
| Application | Ibm | Cognos Analytics | 11.1.4 | All | All | All |
| Application | Ibm | Cognos Analytics | 11.1.3 | All | All | All |
| Application | Ibm | Cognos Analytics | 11.1.2 | All | All | All |
| Application | Ibm | Cognos Analytics | 11.1.1 | All | All | All |
| Application | Ibm | Cognos Analytics | 11.1.0 | All | All | All |
| Application | Ibm | Cognos Analytics | 11.0.9 | All | All | All |
| Application | Ibm | Cognos Analytics | 11.0.8 | All | All | All |
| Application | Ibm | Cognos Analytics | 11.0.7.0 | All | All | All |
| Application | Ibm | Cognos Analytics | 11.0.7 | All | All | All |
| Application | Ibm | Cognos Analytics | 11.0.6.0 | All | All | All |
| Application | Ibm | Cognos Analytics | 11.0.6 | All | All | All |
| Application | Ibm | Cognos Analytics | 11.0.5.0 | All | All | All |
| Application | Ibm | Cognos Analytics | 11.0.5 | All | All | All |
| Application | Ibm | Cognos Analytics | 11.0.4.0 | All | All | All |
| Application | Ibm | Cognos Analytics | 11.0.4 | All | All | All |
| Application | Ibm | Cognos Analytics | 11.0.3.0 | All | All | All |
| Application | Ibm | Cognos Analytics | 11.0.3 | All | All | All |