) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:ibm:cognos_analytics:12.0.3:interim_fix_2:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2024-45082 |
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. Published: December 18, 2024; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 5.2 MEDIUM V2.0:(not available) |
| CVE-2024-41752 |
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. Published: December 18, 2024; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
| CVE-2024-25042 |
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is potentially vulnerable to Cross Site Scripting (XSS). A remote attacker could execute malicious commands due to improper validation of column headings in Cognos Explorations. Published: December 18, 2024; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |