CVE-2020-4879

Name of the Vulnerable Software and Affected Versions IBM Cognos Controller versions 10.4.0 through 10.4.2

Description The issue is related to improper validation of authentication cookies, which could allow a remote attacker to bypass security restrictions. This may impact the confidentiality, integrity, and availability of protected information.

Recommendations For versions 10.4.0 through 10.4.2, consider disabling the use of authentication cookies until a patch is available. As a temporary workaround, restrict access to sensitive areas of the application to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.