CVE-2017-1764

7HIGH

Key Information:

Vendor: IBM
Status: Cognos Business Intelligence
Vendor: CVE Published:; 23 April 2018

Summary

IBM Cognos Business Intelligence 10.2, 10.2.1, 10.2.1.1, and 10.2.2, under specialized circumstances, could expose plain text credentials to a local user. IBM X-Force ID: 136149.

Affected Version(s)

Cognos Business Intelligence 10.2

Cognos Business Intelligence 10.2.1

Cognos Business Intelligence 10.2.1.1

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/136149

vdb-entryx_refsource_XF

http://www.ibm.com/support/docview.wss?uid=swg22014202

x_refsource_CONFIRM

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 23, 2018
Vulnerability Reserved
Nov 30, 2016