PT-2019-16953 · Ibm · Ibm Cognos Analytics

Publicado

2019-04-15

Atualizado

2019-05-09

CVE-2019-4178

CVSS v3.1

9.1

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions IBM Cognos Analytics version 11

Description The issue allows a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to write or view arbitrary files on the system.

Recommendations For IBM Cognos Analytics version 11, apply the fix provided by IBM to prevent directory traversal attacks. As a temporary workaround, consider restricting access to sensitive files and directories until the issue is resolved.

Correção

Path traversal

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-22

Identificadores relacionados

CVE-2019-4178

Produtos afetados

Ibm Cognos Analytics

PT-2019-16953 · Ibm · Ibm Cognos Analytics

CVE-2019-4178

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5