CVSS: 6.2EPSS: 0%CPEs: 8EXPL: 0CVE-2021-39045
https://notcve.org/view.php?id=CVE-2021-39045
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a local attacker to obtain information due to the autocomplete feature on password input fields. IBM X-Force ID: 214345. IBM Cognos Analytics versiones 11.1.7, 11.2.0 y 11.2.1, podrían permitir a un atacante local obtener información debido a la funcionalidad autocomplete en los campos de entrada de contraseñas. IBM X-Force ID: 214345 • https://exchange.xforce.ibmcloud.com/vulnerabilities/214345 https://security.netapp.com/advisory/ntap-20221014-0005 https://www.ibm.com/support/pages/node/6615285 • CWE-522: Insufficiently Protected Credentials •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-39009
https://notcve.org/view.php?id=CVE-2021-39009
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 213554. IBM Cognos Analytics versiones 11.1.7, 11.2.0 y 11.2.1, almacena las credenciales de usuario en texto sin cifrar que puede ser leído por un usuario local privilegiado. IBM X-Force ID: 213554 • https://exchange.xforce.ibmcloud.com/vulnerabilities/213554 https://security.netapp.com/advisory/ntap-20221014-0005 https://www.ibm.com/support/pages/node/6615285 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-29823
https://notcve.org/view.php?id=CVE-2021-29823
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 204465. IBM Cognos Analytics versiones 11.1.7, 11.2.0 y 11.2.1, es vulnerable a un ataque de tipo cross-site request forgery, lo que podría permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas desde un usuario en el que el sitio web confía. IBM X-Force ID: 204465 • https://exchange.xforce.ibmcloud.com/vulnerabilities/204465 https://security.netapp.com/advisory/ntap-20221014-0005 https://www.ibm.com/support/pages/node/6615285 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-20468
https://notcve.org/view.php?id=CVE-2021-20468
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 196825. IBM Cognos Analytics versiones 11.1.7, 11.2.0 y 11.2.1, es vulnerable a un ataque de tipo cross-site request forgery, lo que podría permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas desde un usuario en el que el sitio web confía. IBM X-Force ID: 196825 • https://exchange.xforce.ibmcloud.com/vulnerabilities/196825 https://security.netapp.com/advisory/ntap-20221014-0005 https://www.ibm.com/support/pages/node/6615285 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-4301
https://notcve.org/view.php?id=CVE-2020-4301
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 176609. IBM Cognos Analytics versiones 11.1.7, 11.2.0 y 11.2.1, es vulnerable a un ataque de tipo cross-site request forgery, lo que podría permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas desde un usuario en el que el sitio web confía. IBM X-Force ID: 176609 • https://exchange.xforce.ibmcloud.com/vulnerabilities/176609 https://security.netapp.com/advisory/ntap-20221014-0005 https://www.ibm.com/support/pages/node/6615285 • CWE-352: Cross-Site Request Forgery (CSRF) •