Cognos Dashboards on Cloud Pak for Data
by IBM
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-41739 | 0.00 | — | 0.00 | Jan 24, 2025 | IBM Cognos Dashboards 4.0.7 and 5.0.0 on Cloud Pak for Data could allow a remote attacker to perform unauthorized actions due to dependency confusion. | |||
| CVE-2023-38735 | 0.00 | — | 0.01 | Oct 22, 2023 | IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 262482. | |||
| CVE-2023-38276 | 0.00 | — | 0.00 | Oct 22, 2023 | IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in environment variables which could aid in further attacks against the system. IBM X-Force ID: 260736. | |||
| CVE-2023-38275 | 0.00 | — | 0.00 | Oct 22, 2023 | IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in container images which could lead to further attacks against the system. IBM X-Force ID: 260730. |
- CVE-2024-41739Jan 24, 2025risk 0.00cvss —epss 0.00
IBM Cognos Dashboards 4.0.7 and 5.0.0 on Cloud Pak for Data could allow a remote attacker to perform unauthorized actions due to dependency confusion.
- CVE-2023-38735Oct 22, 2023risk 0.00cvss —epss 0.01
IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 262482.
- CVE-2023-38276Oct 22, 2023risk 0.00cvss —epss 0.00
IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in environment variables which could aid in further attacks against the system. IBM X-Force ID: 260736.
- CVE-2023-38275Oct 22, 2023risk 0.00cvss —epss 0.00
IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in container images which could lead to further attacks against the system. IBM X-Force ID: 260730.