CVE-2013-5445
published 2014-03-25CVE-2013-5445: IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows local users to obtain sensitive cleartext information…
PriorityP418medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
1.18%
63.8th percentile
IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows local users to obtain sensitive cleartext information by leveraging knowledge of a static decryption key.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | cognos_express | — | — |
| ibm | cognos_express | — | — |
| ibm | cognos_express | — | — |
| ibm | cognos_express | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
IBM Cognos Express up to 9.4 cryptographic issue (XFDB-87821 / BID-66361)
vuldb·2026-05-09·CVSS 5.0
CVE-2013-5445 [MEDIUM] IBM Cognos Express up to 9.4 cryptographic issue (XFDB-87821 / BID-66361)
A vulnerability was found in IBM Cognos Express up to 9.4. It has been classified as problematic. This issue affects some unknown processing. The manipulation leads to cryptographic issues.
This vulnerability is referenced as CVE-2013-5445. Remote exploitation of the attack is possible. No exploit is available.
Upgrading the affected component is recommended.
GHSA
GHSA-wmh5-53p6-5c7v: IBM Cognos Express 9
ghsa_unreviewed·2022-05-17
CVE-2013-5445 [MEDIUM] GHSA-wmh5-53p6-5c7v: IBM Cognos Express 9
IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows local users to obtain sensitive cleartext information by leveraging knowledge of a static decryption key.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2014-03-25
Published