PT-2020-18045 · Ibm · Ibm Cognos Analytics

Published

2020-10-12

Updated

2020-10-14

CVE-2020-4388

CVSS v3.1

8.2

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Name of the Vulnerable Software and Affected Versions IBM Cognos Analytics versions 11.0 through 11.1

Description The issue allows for a denial of service attack due to the failure to catch exceptions in a servlet. Additionally, debug information exposure could potentially be used in future attacks.

Recommendations For IBM Cognos Analytics versions 11.0 through 11.1, update to a version that includes the fix for this issue to prevent denial of service attacks and exposure of debug information.

Fix

Improper Handling of Exceptional Conditions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-755

Related Identifiers

CVE-2020-4388

Affected Products

Ibm Cognos Analytics

PT-2020-18045 · Ibm · Ibm Cognos Analytics

CVE-2020-4388

Weakness Enumeration

Related Identifiers

Affected Products

References · 4