Description
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could allow a remote attacker to bypass security restrictions, caused by improper validation of authentication cookies. IBM X-Force ID: 190847.
CVSS breakdown
CVSS 3.0
Confidentiality
Low
Availability
Low
Scope
Unchanged
Privileges Required
None
Integrity
Low
Attack Complexity
Low
Attack Vector
Network
User Interaction
None
E
Unchanged
RL
O
RC
Changed
Affected products
- ibm / cognos_controller10.4.0 – 10.4.0
- ibm / cognos_controller10.4.1 – 10.4.1
- ibm / cognos_controller10.4.2 – 10.4.2