First published: Fri Feb 23 2024(Updated: )
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path. IBM X-Force ID: 255898.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Cognos Analytics | <=12.0.0-12.0.1 | |
IBM Cognos Analytics | <=11.2.0-11.2.4 FP2 | |
IBM Cognos Analytics | <=11.1.1-11.1.7 FP7 | |
NetApp OnCommand Insight | ||
IBM Cognos Analytics | >=11.1.1<11.1.7 | |
IBM Cognos Analytics | >=11.2.0<11.2.4 | |
IBM Cognos Analytics | =11.1.7 | |
IBM Cognos Analytics | =11.1.7-fixpack1 | |
IBM Cognos Analytics | =11.1.7-fixpack2 | |
IBM Cognos Analytics | =11.1.7-fixpack3 | |
IBM Cognos Analytics | =11.1.7-fixpack4 | |
IBM Cognos Analytics | =11.1.7-fixpack5 | |
IBM Cognos Analytics | =11.1.7-fixpack6 | |
IBM Cognos Analytics | =11.1.7-fixpack7 | |
IBM Cognos Analytics | =11.2.4 | |
IBM Cognos Analytics | =11.2.4-fixpack1 | |
IBM Cognos Analytics | =11.2.4-fixpack2 | |
IBM Cognos Analytics | =12.0.0 | |
IBM Cognos Analytics | =12.0.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.