Command Execution Vulnerability in IBM Cognos Disclosure Management
CVE-2016-6077

5.3MEDIUM

Key Information:

Vendor: IBM
Status: Cognos Disclosure Management
Vendor: CVE Published:; 15 February 2017

What is CVE-2016-6077?

IBM Cognos Disclosure Management 10.2 has a security vulnerability that enables an attacker to execute unauthorized commands by opening a malicious document. This can occur when a lower-privileged user unwittingly interacts with compromised files, leading to potential data breaches and system exploitation. For more details and mitigation strategies, refer to IBM's official documentation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Cognos Disclosure Management 10.2.0

Cognos Disclosure Management 10.1.1

Cognos Disclosure Management 10.2

References

http://www.securityfocus.com/bid/93829

vdb-entryx_refsource_BID

http://www-01.ibm.com/support/docview.wss?uid=swg21991584

x_refsource_CONFIRM

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 15, 2017
Vulnerability Reserved
Jun 29, 2016

JSON

IBM