Command Execution Vulnerability in IBM Cognos Disclosure Management
CVE-2016-6077
5.3MEDIUM
Summary
IBM Cognos Disclosure Management 10.2 has a security vulnerability that enables an attacker to execute unauthorized commands by opening a malicious document. This can occur when a lower-privileged user unwittingly interacts with compromised files, leading to potential data breaches and system exploitation. For more details and mitigation strategies, refer to IBM's official documentation.
Affected Version(s)
Cognos Disclosure Management 10.2.0
Cognos Disclosure Management 10.1.1
Cognos Disclosure Management 10.2
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved