Denial of Service Vulnerability in IBM Cognos TM1 by IBM
CVE-2016-0381
4.3MEDIUM
Summary
The vulnerability arises in IBM Cognos TM1 version 10.2.2 before FP5, where an empty setting in AdminGroups allows remote authenticated users to trigger a denial of service. By submitting a non-empty value in this context, the system may experience a configuration outage, impacting availability and system performance. Organizations using this version should be aware of the potential for service disruption and take necessary precautions.
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved