First published: Mon Jun 17 2019(Updated: )
IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 158879.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Cognos Controller | =10.2.0 | |
IBM Cognos Controller | =10.2.1 | |
IBM Cognos Controller | =10.3.0 | |
IBM Cognos Controller | =10.3.1 | |
IBM Cognos Controller | =10.4.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-4174 has a severity of medium.
IBM Cognos Controller versions 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 are affected.
This vulnerability allows web pages to be stored locally and read by another user on the system.
To fix CVE-2019-4174, it is recommended to update IBM Cognos Controller to a version that has a security patch.
More information about CVE-2019-4174 can be found at the following references: [Reference 1](http://www.ibm.com/support/docview.wss?uid=ibm10886913), [Reference 2](https://exchange.xforce.ibmcloud.com/vulnerabilities/158879).