| Max CVSS | 5.8 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-1842 | 3.3 |
IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token. IBM X-Force ID: 150902.
|
09-10-2019 - 23:39 | 09-11-2018 - 01:29 | |
| CVE-2017-1783 | 2.1 |
IBM Cognos Analytics 11.0 could allow a local user to change parameters set from the Cognos Analytics menus without proper authentication. IBM X-Force ID: 136857.
|
03-10-2019 - 00:03 | 29-01-2018 - 16:29 | |
| CVE-2017-1779 | 2.1 |
IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a local user. IBM X-Force ID: 136824.
|
03-10-2019 - 00:03 | 29-01-2018 - 16:29 | |
| CVE-2017-1784 | 2.1 |
IBM Cognos Analytics 11.0 could produce results in temporary files that contain highly sensitive information that can be read by a local user. IBM X-Force ID: 136858.
|
30-09-2019 - 15:42 | 29-01-2018 - 16:29 | |
| CVE-2018-1413 | 3.5 |
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted
|
27-04-2019 - 18:52 | 07-05-2018 - 13:29 | |
| CVE-2017-1427 | 4.3 |
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted
|
01-04-2019 - 08:29 | 29-08-2017 - 21:29 | |
| CVE-2017-1428 | 5.8 |
IBM Cognos Analytics 11.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and pos
|
01-04-2019 - 08:29 | 29-08-2017 - 21:29 |