First published: Tue Sep 17 2019(Updated: )
IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158880.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Cognos Controller | =10.4.0 | |
IBM Cognos Controller | =10.4.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2019-4175.
The severity of CVE-2019-4175 is high with a CVSS score of 7.5.
IBM Cognos Controller versions 10.4.0 and 10.4.1 are affected by CVE-2019-4175.
CVE-2019-4175 poses a risk of unauthorized decryption of highly sensitive information.
Yes, IBM has provided fixes for this vulnerability. Please refer to the IBM Security Bulletin for more information.