IBM Cognos Analytics 12.0.3 Interim Fix 1

CPE Details

IBM Cognos Analytics 12.0.3 Interim Fix 1
ibm
cognos_analytics
12.0.3
2024-10-17
11h34 +00:00
2024-10-17
11h34 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:cognos_analytics:12.0.3:interim_fix_1:*:*:*:*:*:*

Informations

Vendor

ibm

Product

cognos_analytics

Version

12.0.3

Update

interim_fix_1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-25042 2024-12-18 16h20 +00:00 IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is potentially vulnerable to Cross Site Scripting (XSS). A remote attacker could execute malicious commands due to improper validation of column headings in Cognos Explorations.
6.1
Medium
CVE-2024-45082 2024-12-18 16h15 +00:00 IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted.
6.8
Medium
CVE-2024-41752 2024-12-18 16h07 +00:00 IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.
6.1
Medium
CVE-2024-40703 2024-09-22 12h20 +00:00 IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and IBM Cognos Analytics Reports for iOS 11.0.0.7 could allow a local attacker to obtain sensitive information in the form of an API key. An attacker could use this information to launch further attacks against affected applications.
5.5
Medium