Absolute Path Traversal Vulnerability in IBM Cognos Business Intelligence
CVE-2013-2978

Currently unrated

Key Information:

Vendor: IBM
Status: Cognos Business Intelligence
Vendor: CVE Published:; 27 August 2013

Summary

An absolute path traversal vulnerability exists in IBM Cognos Business Intelligence, allowing remote authenticated users with 'Report Author' privileges to access sensitive files on the server. This flaw could potentially be exploited to retrieve unauthorized information, compromising the integrity of the system and the confidentiality of sensitive data. Organizations using affected versions should implement the necessary security patches and review user permissions to mitigate risks associated with this vulnerability.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21645566

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/83971

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Aug 27, 2013
Vulnerability Reserved
Apr 12, 2013