Cognos Controller

10.4.0

SEMANTIC 14 CVEs

11.0.0, 11.0.1

OTHER 10 CVEs

11.0.1

SEMANTIC 5 CVEs

10.4.1

SEMANTIC 9 CVEs

10.2.1

SEMANTIC 5 CVEs

10.2.0

SEMANTIC 5 CVEs

10.3.1

SEMANTIC 10 CVEs

10.4.2

SEMANTIC 5 CVEs

10.4.1, 10.4.2, 11.0.0

OTHER 10 CVEs

11.0.0

SEMANTIC 5 CVEs

10.3.0

SEMANTIC 10 CVEs

CVE-2022-22363

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.

MEDIUM Jan 07, 2025

CVE-2021-20455

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.

LOW Jan 07, 2025

CVE-2024-40702

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow an unauthorized user to obtain valid tokens to gain access to protected resources due to improper certificate validation.

HIGH Jan 07, 2025

CVE-2024-28778

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 is vulnerable to exposure of Artifactory API keys. This vulnerability allows users to publish code to private packages or repositories under the name of the organization.

MEDIUM Jan 07, 2025

CVE-2024-25037

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser.

MEDIUM Jan 07, 2025