IBM Cognos Analytics 11.2.4 Fix Pack 4

CPE Details

IBM Cognos Analytics 11.2.4 Fix Pack 4
ibm
cognos_analytics
11.2.4
2025-01-02
20h24 +00:00
2025-01-02
20h24 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:cognos_analytics:11.2.4:fixpack4:*:*:*:*:*:*

Informations

Vendor

ibm

Product

cognos_analytics

Version

11.2.4

Update

fixpack4

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-25042 2024-12-18 16h20 +00:00 IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is potentially vulnerable to Cross Site Scripting (XSS). A remote attacker could execute malicious commands due to improper validation of column headings in Cognos Explorations.
6.1
Medium
CVE-2024-45082 2024-12-18 16h15 +00:00 IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted.
6.8
Medium
CVE-2024-41752 2024-12-18 16h07 +00:00 IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.
6.1
Medium