CVE-2020-4951: Infoleak
First published: Thu Oct 14 2021(Updated: )
IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local attacker to obtain sensitive information.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Cognos Analytics | =11.1.7 | |
| IBM Cognos Analytics | =11.2.0 | |
| NetApp OnCommand Insight |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID is CVE-2020-4951.
What software versions are affected by this vulnerability?
IBM Cognos Analytics versions 11.1.7 and 11.2.0 are affected.
What is the severity of CVE-2020-4951?
The severity of CVE-2020-4951 is medium.
How can a local attacker exploit this vulnerability?
A local attacker can exploit this vulnerability by obtaining sensitive information from locally cached browser data.
Are there any references available for this vulnerability?
Yes, you can find references for this vulnerability at the following links: [link1], [link2], [link3].
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/severity
- agent/remedy
- agent/author
- agent/references
- agent/weakness
- agent/description
- collector/ibm-support
- source/IBM
- agent/tags
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm cognos analytics
- version/ibm cognos analytics/11.1.7
- version/ibm cognos analytics/11.2.0
- vendor/netapp
- canonical/netapp oncommand insight