CVE-2015-5014

Published: Oct 26, 2015Modified: May 6, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

IBM Cognos Disclosure Management (CDM) 10.1.x and 10.2.x before 10.2.4 IF10 allows man-in-the-middle attackers to obtain access by spoofing an executable file during a client upload operation.

Affected (5)

Products: Ibm: Cognos Disclosure Management

Ibm

1 product

Cognos Disclosure Management

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Ibm Cognos Disclosure Management	Version 10.2.0
Ibm Cognos Disclosure Management	Version 10.2.1
Ibm Cognos Disclosure Management	Version 10.2.2
Ibm Cognos Disclosure Management	Version 10.2.3
Ibm Cognos Disclosure Management	Version 10.2.4

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

http://www-01.ibm.com/support/docview.wss?uid=swg21967228

Source: psirt@us.ibm.com

PatchVendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21967228

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.