Search Results | AttackerKB

Show filters

Topics 11 Users 9,713

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

11 Total Results

Displaying 1-10 of 11

Attacker Value

Unknown

CVE-2017-1784

Disclosure Date: January 29, 2018 (last updated November 26, 2024)

IBM Cognos Analytics 11.0 could produce results in temporary files that contain highly sensitive information that can be read by a local user. IBM X-Force ID: 136858.

0

Attacker Value

Unknown

CVE-2017-1783

Disclosure Date: January 29, 2018 (last updated November 26, 2024)

IBM Cognos Analytics 11.0 could allow a local user to change parameters set from the Cognos Analytics menus without proper authentication. IBM X-Force ID: 136857.

0

Attacker Value

Unknown

CVE-2017-1779

Disclosure Date: January 29, 2018 (last updated November 26, 2024)

IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a local user. IBM X-Force ID: 136824.

0

Attacker Value

Unknown

CVE-2017-1428

Disclosure Date: August 29, 2017 (last updated November 26, 2024)

IBM Cognos Analytics 11.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 127583.

0

Attacker Value

Unknown

CVE-2017-1427

Disclosure Date: August 29, 2017 (last updated November 26, 2024)

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 127579.

0

Attacker Value

Unknown

CVE-2017-1535

Disclosure Date: August 29, 2017 (last updated November 26, 2024)

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130677.

0

Attacker Value

Unknown

CVE-2017-1485

Disclosure Date: August 29, 2017 (last updated November 26, 2024)

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128623.

0

Attacker Value

Unknown

CVE-2016-3032

Disclosure Date: May 10, 2017 (last updated November 26, 2024)

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 114516.

0

Attacker Value

Unknown

CVE-2016-3015

Disclosure Date: April 05, 2017 (last updated November 26, 2024)

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998887.

0

Attacker Value

Unknown

CVE-2016-3031

Disclosure Date: April 05, 2017 (last updated November 26, 2024)

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998887.

0