CVE-2019-4176

Published: Jun 17, 2019Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 could allow a remote attacker to bypass security restrictions, caused by an error related to insecure HTTP Methods. An attacker could exploit this vulnerability to gain access to the system. IBM X-Force ID: 158881.

Affected (5)

Products: Ibm: Cognos Controller

Ibm

1 product

Cognos Controller

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Ibm Cognos Controller	Version 10.2.0
Ibm Cognos Controller	Version 10.2.1
Ibm Cognos Controller	Version 10.3.0
Ibm Cognos Controller	Version 10.3.1
Ibm Cognos Controller	Version 10.4.0

References (4)

http://www.ibm.com/support/docview.wss?uid=ibm10886913

Source: psirt@us.ibm.com

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/158881

Source: psirt@us.ibm.com

VDB EntryVendor Advisory

http://www.ibm.com/support/docview.wss?uid=ibm10886913

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/158881

Source: af854a3a-2127-422b-91ae-364da2661108

VDB EntryVendor Advisory

Timeline

No history available yet.