Search
Search Results (8 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-1994 | 1 Ibm | 1 Cognos Command Center | 2025-08-29 | 7.8 High |
| IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the BinaryFormatter function. | ||||
| CVE-2025-2697 | 1 Ibm | 1 Cognos Command Center | 2025-08-29 | 7.4 High |
| IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. | ||||
| CVE-2025-1494 | 1 Ibm | 1 Cognos Command Center | 2025-08-29 | 6.1 Medium |
| IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. | ||||
| CVE-2023-50324 | 1 Ibm | 1 Cognos Command Center | 2025-04-23 | 5.3 Medium |
| IBM Cognos Command Center 10.2.4.1 and 10.2.5 exposes details the X-AspNet-Version Response Header that could allow an attacker to obtain information of the application environment to conduct further attacks. IBM X-Force ID: 275038. | ||||
| CVE-2013-4001 | 1 Ibm | 1 Cognos Command Center | 2025-04-11 | N/A |
| Session fixation vulnerability in IBM Cognos Command Center before 10.2 allows remote attackers to hijack web sessions via an authorization cookie. | ||||
| CVE-2013-4000 | 1 Ibm | 1 Cognos Command Center | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in IBM Cognos Command Center before 10.2 allow remote attackers to hijack the authentication of administrators for requests that (1) start or (2) stop services. | ||||
| CVE-2022-38707 | 1 Ibm | 1 Cognos Command Center | 2025-01-29 | 4 Medium |
| IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 234179. | ||||
| CVE-2024-31899 | 1 Ibm | 1 Cognos Command Center | 2025-01-07 | 4.3 Medium |
| IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to an authenticated user with physical access to the device. | ||||
Page 1 of 1.