First published: Thu Jan 20 2022(Updated: )
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could allow a remote attacker to bypass security restrictions, caused by improper validation of authentication cookies. IBM X-Force ID: 190847.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Cognos Controller | =10.4.0 | |
IBM Cognos Controller | =10.4.1 | |
IBM Cognos Controller | =10.4.2 | |
Microsoft Windows | ||
<=IBM Cognos Controller 10.4.2 | ||
<=IBM Cognos Controller 10.4.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2020-4879.
The severity of CVE-2020-4879 is critical (9.8).
IBM Cognos Controller versions 10.4.0, 10.4.1, and 10.4.2 are affected by this vulnerability.
A remote attacker can exploit this vulnerability by bypassing security restrictions through improper validation of authentication cookies.
Yes, IBM has provided a fix for this vulnerability. Please refer to the vendor's advisory for more information.