Page 16 of 86 results (0.005 seconds)

CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0

IBM Cognos Analytics 11.0 could produce results in temporary files that contain highly sensitive information that can be read by a local user. IBM X-Force ID: 136858. IBM Cognos Analytics 11.0 podría producir resultados en archivos temporales que contengan información altamente sensible que puede ser leída por un usuario local. IBM X-Force ID: 136858. • http://www.ibm.com/support/docview.wss?uid=swg22011561 http://www.securitytracker.com/id/1040299 https://exchange.xforce.ibmcloud.com/vulnerabilities/136858 https://security.netapp.com/advisory/ntap-20190329-0003 https://security.netapp.com/advisory/ntap-20190401-0003 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a local user. IBM X-Force ID: 136824. IBM Cognos Analytics 11.0 podría almacenar localmente credenciales en caché que podrían ser obtenidas por un usuario local. IBM X-Force ID: 136824. • http://www.ibm.com/support/docview.wss?uid=swg22011561 http://www.securityfocus.com/bid/102858 http://www.securitytracker.com/id/1040299 https://exchange.xforce.ibmcloud.com/vulnerabilities/136824 https://security.netapp.com/advisory/ntap-20190329-0003 https://security.netapp.com/advisory/ntap-20190401-0003 • CWE-522: Insufficiently Protected Credentials •

CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 127579. IBM Cognos Analytics 11.0 es vulnerable a cross-site scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, alterando las funcionalidades planeadas. • http://www.ibm.com/support/docview.wss?uid=swg22007242 https://exchange.xforce.ibmcloud.com/vulnerabilities/127579 https://security.netapp.com/advisory/ntap-20190329-0003 https://security.netapp.com/advisory/ntap-20190401-0003 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128623. IBM Cognos Analytics 11.0 es vulnerable a cross-site scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, alterando las funcionalidades planeadas. • http://www.ibm.com/support/docview.wss?uid=swg22007242 https://exchange.xforce.ibmcloud.com/vulnerabilities/128623 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130677. IBM Cognos Analytics 11.0 es vulnerable a Cross-Site Scripting (XSS) Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, alterando las funcionalidades planeadas. Esto podría desembocar en una revelación de credenciales en una sesión de confianza. • http://www.ibm.com/support/docview.wss?uid=swg22007242 http://www.securityfocus.com/bid/100834 https://exchange.xforce.ibmcloud.com/vulnerabilities/130677 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •