IBM Cognos Analytics 11.0 and 11.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or cause the web server to make HTTP requests to arbitrary domains. IBM X-Force ID: 147369.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: ibm
Published: 2019-11-09T01:41:06.797474Z
Updated: 2024-09-16T19:55:39.776Z
Reserved: 2017-12-13T00:00:00
Link: CVE-2018-1721
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-11-09T02:15:10.600
Modified: 2019-11-12T18:26:43.667
Link: CVE-2018-1721
Redhat
No data.