Cognos Express

cognos_express

Vendor: Ibm • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2013-5445 1Ibm 1Cognos Express May 6, 2026 Mar 25, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows local users to obtain sensitive cleartext information by leveraging knowledge of a static decryption key.
CVE-2013-5444 1Ibm 1Cognos Express May 6, 2026 Mar 25, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The server in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to read encrypted credentials via unspecified vectors.
CVE-2013-5443 1Ibm 1Cognos Express May 6, 2026 Mar 25, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to hijack the authentication of arbitrary user...Show more Cross-site request forgery (CSRF) vulnerability in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to hijack the authentication of arbitrary users.Show less
CVE-2010-0557 1Ibm 1Cognos Express Apr 29, 2026 Feb 5, 2010 N/A· v4 N/A· v3 7.5 HIGH· v2 IBM Cognos Express 9.0 allows attackers to obtain unspecified access to the Tomcat Manager component, and cause a denial of service, by leveraging hardcoded credentials.