PT-2012-5607 · Ibm · Ibm Cognos Business Intelligence

Niv Sela

Published

2012-11-14

Updated

2017-08-29

CVE-2012-4847

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions IBM Cognos Business Intelligence (BI) versions 8.4 and 8.4.1

Description The issue allows remote authenticated users to cause a denial of service, specifically CPU consumption, by sending a crafted request that contains a zero-valued byte.

Recommendations For versions 8.4 and 8.4.1, consider restricting access to the system to prevent remote authenticated users from sending crafted requests until a fix is available.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-189

Related Identifiers

CVE-2012-4847

Affected Products

Ibm Cognos Business Intelligence

PT-2012-5607 · Ibm · Ibm Cognos Business Intelligence

CVE-2012-4847

Weakness Enumeration

Related Identifiers

Affected Products

References · 4