IBM Cognos Analytics 12.0.3 Interim Fix 2

CPE Details

IBM Cognos Analytics 12.0.3 Interim Fix 2
ibm
cognos_analytics
12.0.3
2024-10-17
11h34 +00:00
2024-10-17
11h34 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:cognos_analytics:12.0.3:interim_fix_2:*:*:*:*:*:*

Informations

Vendor

ibm

Product

cognos_analytics

Version

12.0.3

Update

interim_fix_2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-25042 2024-12-18 16h20 +00:00 IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is potentially vulnerable to Cross Site Scripting (XSS). A remote attacker could execute malicious commands due to improper validation of column headings in Cognos Explorations.
6.1
Medium
CVE-2024-45082 2024-12-18 16h15 +00:00 IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted.
6.8
Medium
CVE-2024-41752 2024-12-18 16h07 +00:00 IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.
6.1
Medium