Lucene search
HistorySep 01, 2022 - 7:15 p.m.
CVE-2021-29823
ibm
cognos analytics
cross-site request forgery
vulnerable
x-force id
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
35.1%
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 204465.
Affected configurations
Node
ibmcognos_analyticsRange11.1.0–11.1.7
ORibmcognos_analyticsRange11.2.0–11.2.3
ORibmcognos_analyticsMatch11.1.7-
ORibmcognos_analyticsMatch11.1.7fixpack1
ORibmcognos_analyticsMatch11.1.7fixpack2
ORibmcognos_analyticsMatch11.1.7fixpack3
ORibmcognos_analyticsMatch11.1.7fixpack4
Node
netapponcommand_insightMatch-
Related
cvelist
cvelist
CVE-2021-29823
2022-08-31 00:00:00
cve
cve
CVE-2021-29823
2022-09-01 19:15:11
prion
prion
Cross site request forgery (csrf)
2022-09-01 19:15:00
ibm
ibm
nessus
nessus
IBM Cognos Analytics Multiple Vulnerabilities (6616285)
2022-09-02 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
35.1%
Related for NVD:CVE-2021-29823