cbcvebase.
CVE-2016-3037
published 2017-04-17

CVE-2016-3037: IBM Cognos TM1 10.1 and 10.2 provides a service to return the victim's password with a valid session key. An authenticated attacker with user interaction could…

medium5.7CVSS 3.0
AVNACLPRLUIRSUCHINAN
IBM Cognos TM1 10.1 and 10.2 provides a service to return the victim's password with a valid session key. An authenticated attacker with user interaction could obtain this sensitive information. IBM X-Force ID: 114613.

Affected

9 ranges
VendorProductVersion rangeFixed in
ibmcognos_business_intelligence
ibmcognos_business_intelligence
ibmcognos_business_intelligence
ibm_corporationcognos_tm1
ibm_corporationcognos_tm1
ibm_corporationcognos_tm1
ibm_corporationcognos_tm1
ibm_corporationcognos_tm1
ibm_corporationcognos_tm1