Vsevolod Ivanov

Researcher from EY Canada's Offensive Security practice
#39773 of 53,633
6.8 Total CVSS
Vulnerabilities · 1
PT-2022-5187
6.8
2022-10-17
IBM · IBM Cognos Analytics · CVE-2022-34339
**Name of the Vulnerable Software and Affected Versions**

IBM Cognos Analytics versions 11.1.7 through 11.2.1

**Description**

The issue is related to the transmission of critical information in plain text. Exploitation of this issue may allow a remote attacker to disclose protected information. It is noted that user credentials are stored in clear text, which can be read by an authenticated user.

**Recommendations**

For IBM Cognos Analytics versions 11.1.7 through 11.2.1, consider restricting access to sensitive information and implementing additional security measures to protect user credentials until a fix is available. As a temporary workaround, restrict access to the `user credentials` storage to minimize the risk of exploitation.