CVE-2016-0398 — Improper Input Validation in IBM Cognos Analytics

Severity

4.3MEDIUMNVD

EPSS

0.3%

top 45.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedJul 2

Latest updateMay 17

Description

IBM Cognos Analytics (CA) 11.0 before 11.0.2 allows remote attackers to conduct content-spoofing attacks via a crafted URL.

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

GHSA

GHSA-hcx4-2vmc-fx2g: IBM Cognos Analytics (CA) 11↗2022-05-17

▶

CVEList

CVE-2016-0398: IBM Cognos Analytics (CA) 11↗2016-07-02

▶