CVE-2013-2988

Currently unrated

Key Information:

Vendor: IBM
Status: Cognos Business Intelligence
Vendor: CVE Published:; 27 August 2013

Summary

Absolute path traversal vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1, 10.1.1, 10.2, and 10.2.1 allows remote authenticated users to read files by leveraging the Report Author privilege, a different vulnerability than CVE-2013-2978.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21645566

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/84010

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Aug 27, 2013
Vulnerability Reserved
Apr 12, 2013