Design/Logic Flaw

2022-09-0119:15:00

PRIOn knowledge base

www.prio-n.com

ibm

cognos analytics

denial of service

7.6 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.3%

JSON

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to a denial of service via email flooding caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available CPU resources. IBM X-Force ID: 227591.

CPENameOperatorVersion
cognos_analyticseq11.1.7
cognos_analyticsge11.1.0
cognos_analyticslt11.1.7
cognos_analyticseq11.1.7 fixpack1
cognos_analyticseq11.1.7 fixpack2
cognos_analyticseq11.1.7 fixpack3
cognos_analyticseq11.1.7 fixpack4
cognos_analyticsge11.2.0
cognos_analyticslt11.2.3

Name	Operator	Version
cognos_analytics	eq	11.1.7
cognos_analytics	ge	11.1.0
cognos_analytics	lt	11.1.7
cognos_analytics	eq	11.1.7 fixpack1
cognos_analytics	eq	11.1.7 fixpack2
cognos_analytics	eq	11.1.7 fixpack3
cognos_analytics	eq	11.1.7 fixpack4
cognos_analytics	ge	11.2.0
cognos_analytics	lt	11.2.3