Ibm Corporation Cognos Tm1 vulnerabilities
3 known vulnerabilities affecting ibm_corporation/cognos_tm1.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2016-3036HIGHCVSS 7.5v10.1v10.1.1+4 more2017-04-17
CVE-2016-3036 [HIGH] CWE-119 CVE-2016-3036: IBM Cognos TM1 10.1 and 10.2 is vulnerable to a denial of service, caused by a stack-based buffer ov
IBM Cognos TM1 10.1 and 10.2 is vulnerable to a denial of service, caused by a stack-based buffer overflow when parsing packets. A remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 114612.
cvelistv5nvd
CVE-2016-3037MEDIUMCVSS 5.7v10.1v10.1.1+4 more2017-04-17
CVE-2016-3037 [MEDIUM] CWE-200 CVE-2016-3037: IBM Cognos TM1 10.1 and 10.2 provides a service to return the victim's password with a valid session
IBM Cognos TM1 10.1 and 10.2 provides a service to return the victim's password with a valid session key. An authenticated attacker with user interaction could obtain this sensitive information. IBM X-Force ID: 114613.
cvelistv5nvd
CVE-2016-3038MEDIUMCVSS 5.4v10.1v10.1.1+4 more2017-04-17
CVE-2016-3038 [MEDIUM] CWE-79 CVE-2016-3038: IBM Cognos TM1 10.1 and 10.2 is vulnerable to cross-site scripting. This vulnerability allows users
IBM Cognos TM1 10.1 and 10.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 114614.
cvelistv5nvd