CVE-2019-4174
First published: Mon Jun 17 2019(Updated: )
IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 158879.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Cognos Controller | =10.2.0 | |
| IBM Cognos Controller | =10.2.1 | |
| IBM Cognos Controller | =10.3.0 | |
| IBM Cognos Controller | =10.3.1 | |
| IBM Cognos Controller | =10.4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-4174?
CVE-2019-4174 has a severity of medium.
What is the affected software for CVE-2019-4174?
IBM Cognos Controller versions 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 are affected.
How can this vulnerability be exploited?
This vulnerability allows web pages to be stored locally and read by another user on the system.
How can I fix CVE-2019-4174?
To fix CVE-2019-4174, it is recommended to update IBM Cognos Controller to a version that has a security patch.
Where can I find more information about CVE-2019-4174?
More information about CVE-2019-4174 can be found at the following references: [Reference 1](http://www.ibm.com/support/docview.wss?uid=ibm10886913), [Reference 2](https://exchange.xforce.ibmcloud.com/vulnerabilities/158879).
- collector/nvd-index
- agent/references
- agent/type
- agent/event
- agent/weakness
- agent/author
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- agent/last-modified-date
- agent/tags
- agent/description
- agent/severity
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm cognos controller
- version/ibm cognos controller/10.2.0
- version/ibm cognos controller/10.2.1
- version/ibm cognos controller/10.3.0
- version/ibm cognos controller/10.3.1
- version/ibm cognos controller/10.4.0