Known Vulnerabilities for Cognito by Vectra
Listed below are 3 of the newest known vulnerabilities associated with "Cognito" by "Vectra".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-6912 json | Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS ... | Not Provided | 2026-04-24 | 2026-04-24 |
| CVE-2026-6911 json | Missing JWT signature verification in AWS Ops Wheel allows unauthenticated attackers to forge JWT tokens and gain unintended ... | Not Provided | 2026-04-24 | 2026-04-24 |
| CVE-2024-10182 json | The Cognito Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter in all versions up... | Not Provided | 2024-12-12 | 2026-04-08 |
| CVE-2018-14891 json | Management Console in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local privilege escalation vulnerability... | 7.8 - HIGH | 2018-09-21 | 2019-10-03 |
| CVE-2018-14890 json | Vectra Networks Cognito Brain and Sensor before 4.2 contains a cross-site scripting (XSS) vulnerability in the Web Management... | 5.4 - MEDIUM | 2018-09-21 | 2018-11-07 |
| CVE-2018-14889 json | CouchDB in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local code execution vulnerability. | 7.8 - HIGH | 2018-09-21 | 2018-11-08 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Vectra | Cognito | 4.2 |