Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cognos_command_center
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 5 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-03-01 | CVE-2023-50324 | IBM Cognos Command Center 10.2.4.1 and 10.2.5 exposes details the X-AspNet-Version Response Header that could allow an attacker to obtain information of the application environment to conduct further attacks. IBM X-Force ID: 275038. | Cognos_command_center | N/A | ||
| 2024-09-26 | CVE-2024-31899 | IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to an authenticated user with physical access to the device. | Cognos_command_center | 4.3 | ||
| 2023-05-05 | CVE-2022-38707 | IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 234179. | Cognos_command_center | 5.5 | ||
| 2013-12-14 | CVE-2013-4001 | Session fixation vulnerability in IBM Cognos Command Center before 10.2 allows remote attackers to hijack web sessions via an authorization cookie. | Cognos_command_center | N/A | ||
| 2013-12-14 | CVE-2013-4000 | Multiple cross-site request forgery (CSRF) vulnerabilities in IBM Cognos Command Center before 10.2 allow remote attackers to hijack the authentication of administrators for requests that (1) start or (2) stop services. | Cognos_command_center | N/A |