Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2022-66265
HistoryMar 31, 2022 - 12:00 a.m.

IBM Cognos Controller XML External Entity Injection Vulnerability

2022-03-3100:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
ibm cognos controller
xml external entity
injection vulnerability
business intelligence
planning solution
process automation
financial audit control
sensitive information
memory resources.

EPSS

0.002

Percentile

52.4%

JSON

IBM Cognos Controller is a business intelligence and planning solution from IBM Corporation. The product has features such as process automation, financial audit control, and the creation and management of financial reports.IBM Cognos Controller has an XML external entity injection vulnerability that stems from the product’s failure to properly filter special characters in XML data, which could be exploited by an attacker to obtain sensitive information or consume memory resources.

Related

nvd 1
cvelist 1
cve 1
prion 1
ibm 1
nvd
nvd
CVE-2020-4875
2022-01-21 18:15:08
cvelist
cvelist
CVE-2020-4875
2022-01-21 17:20:17
cve
cve
CVE-2020-4875
2022-01-21 18:15:08
prion
prion
Xxe
2022-01-21 18:15:00
ibm
ibm
Security Bulletin: IBM Cognos Controller has addressed multiple vulnerabilities
2022-01-20 18:38:06

EPSS

0.002

Percentile

52.4%

JSON
Related for CNVD-2022-66265
nvd1cvelist1cve1prion1ibm1