Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveIbmCVE-2013-2988
HistoryAug 27, 2013 - 3:34 a.m.

CVE-2013-2988

2013-08-2703:34:35
CWE-22
ibm
web.nvd.nist.gov
22
ibm
cognos
business intelligence
bi
path traversal
vulnerability
cve-2013-2988
nvd

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

AI Score

6

Confidence

Low

EPSS

0.002

Percentile

61.3%

JSON

Absolute path traversal vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1, 10.1.1, 10.2, and 10.2.1 allows remote authenticated users to read files by leveraging the Report Author privilege, a different vulnerability than CVE-2013-2978.

Affected configurations

Nvd
Node
ibmcognos_business_intelligenceMatch8.4.1
OR
ibmcognos_business_intelligenceMatch10.1
OR
ibmcognos_business_intelligenceMatch10.1.1
OR
ibmcognos_business_intelligenceMatch10.2
OR
ibmcognos_business_intelligenceMatch10.2.1
VendorProductVersionCPE
ibmcognos_business_intelligence8.4.1cpe:2.3:a:ibm:cognos_business_intelligence:8.4.1:*:*:*:*:*:*:*
ibmcognos_business_intelligence10.1cpe:2.3:a:ibm:cognos_business_intelligence:10.1:*:*:*:*:*:*:*
ibmcognos_business_intelligence10.1.1cpe:2.3:a:ibm:cognos_business_intelligence:10.1.1:*:*:*:*:*:*:*
ibmcognos_business_intelligence10.2cpe:2.3:a:ibm:cognos_business_intelligence:10.2:*:*:*:*:*:*:*
ibmcognos_business_intelligence10.2.1cpe:2.3:a:ibm:cognos_business_intelligence:10.2.1:*:*:*:*:*:*:*

Related

cvelist 2
cve 1
nvd 2
prion 2
ibm 1
cvelist
cvelist
CVE-2013-2978
2013-08-27 01:00:00
CVE-2013-2988
2013-08-27 01:00:00
cve
cve
CVE-2013-2978
2013-08-27 03:34:35
nvd
nvd
CVE-2013-2988
2013-08-27 03:34:35
CVE-2013-2978
2013-08-27 03:34:35
prion
prion
Path traversal
2013-08-27 03:34:00
Path traversal
2013-08-27 03:34:00
ibm
ibm
Security Bulletin: Multiple Security Vulnerabilities in IBM Sterling Control Center
2022-09-25 23:09:27

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

AI Score

6

Confidence

Low

EPSS

0.002

Percentile

61.3%

JSON
Related for CVE-2013-2988
cvelist2cve1nvd2prion2ibm1