CVE-2013-4034

Currently unrated

Key Information:

Vendor: IBM
Status: Cognos Business Intelligence
Vendor: CVE Published:; 18 November 2013

Summary

IBM Cognos Business Intelligence 8.4.1 before IF3, 10.1.0 before IF4, 10.1.1 before IF4, 10.2.0 before IF4, 10.2.1 before IF2, and 10.2.1.1 before IF1 allows remote authenticated users to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21652590

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/86137

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Nov 18, 2013
Vulnerability Reserved
Jun 7, 2013