Lucene search

IbmCVE-2013-0484

HistoryJun 19, 2013 - 1:39 p.m.

CVE-2013-0484

2013-06-1913:39:24

ibm

web.nvd.nist.gov

ibm

cognos

tm1

10.1.x

10.1.1 fp1

server

denial of service

vulnerability

remote attackers

daemon crash

api call

unexpected data

nvd

cve-2013-0484

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.6

Confidence

High

EPSS

0.002

Percentile

60.7%

JSON

The server process in IBM Cognos TM1 10.1.x before 10.1.1 FP1 allows remote attackers to cause a denial of service (daemon crash) via an undocumented API call that triggers the transmission of unexpected data.

Affected configurations

Nvd

Node

ibmcognos_tm1Match10.1.0

ibmcognos_tm1Match10.1.0.1

ibmcognos_tm1Match10.1.1

VendorProductVersionCPE
ibmcognos_tm110.1.0cpe:2.3:a:ibm:cognos_tm1:10.1.0:*:*:*:*:*:*:*
ibmcognos_tm110.1.0.1cpe:2.3:a:ibm:cognos_tm1:10.1.0.1:*:*:*:*:*:*:*
ibmcognos_tm110.1.1cpe:2.3:a:ibm:cognos_tm1:10.1.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	cognos_tm1	10.1.0	cpe:2.3:a:ibm:cognos_tm1:10.1.0:::::::*
ibm	cognos_tm1	10.1.0.1	cpe:2.3:a:ibm:cognos_tm1:10.1.0.1:::::::*
ibm	cognos_tm1	10.1.1	cpe:2.3:a:ibm:cognos_tm1:10.1.1:::::::*

References

www-01.ibm.com/support/docview.wss?uid=swg21637655

exchange.xforce.ibmcloud.com/vulnerabilities/81612

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.6

Confidence

High

EPSS

0.002

Percentile

60.7%

JSON

Related for CVE-2013-0484