PT-2019-16953 · Ibm · Ibm Cognos Analytics

Published

2019-04-15

Updated

2019-05-09

CVE-2019-4178

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions IBM Cognos Analytics version 11

Description The issue allows a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to write or view arbitrary files on the system.

Recommendations For IBM Cognos Analytics version 11, apply the fix provided by IBM to prevent directory traversal attacks. As a temporary workaround, consider restricting access to sensitive files and directories until the issue is resolved.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2019-4178

Affected Products

Ibm Cognos Analytics

PT-2019-16953 · Ibm · Ibm Cognos Analytics

CVE-2019-4178

Weakness Enumeration

Related Identifiers

Affected Products

References · 5