Multiple vulnerabilities in IBM Cognos Command Center
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 30 |
| CVE-ID | CVE-2021-34428 CVE-2017-7656 CVE-2022-42004 CVE-2022-38707 CVE-2022-42003 CVE-2021-37533 CVE-2021-29425 CVE-2022-31160 CVE-2019-11358 CVE-2015-9251 CVE-2020-11022 CVE-2020-11023 CVE-2018-12536 CVE-2019-10247 CVE-2020-27218 CVE-2019-10241 CVE-2021-28165 CVE-2022-21449 CVE-2022-21434 CVE-2022-21443 CVE-2022-21624 CVE-2022-4304 CVE-2017-7658 CVE-2017-7657 CVE-2018-12545 CVE-2022-2191 CVE-2022-2047 CVE-2022-2048 CVE-2020-27223 CVE-2021-28169 |
| CWE-ID | CWE-613 CWE-444 CWE-400 CWE-502 CWE-345 CWE-22 CWE-79 CWE-1321 CWE-200 CWE-20 CWE-208 CWE-401 CWE-399 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #9 is available. Public exploit code for vulnerability #11 is available. Vulnerability #12 is being exploited in the wild. Public exploit code for vulnerability #18 is available. Public exploit code for vulnerability #29 is available. |
| Vulnerable software |
IBM Cognos Command Center Client/Desktop applications / Other client software |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 30 vulnerabilities.
1) Insufficient Session Expiration
EUVDB-ID: #VU55642
Risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-34428
CWE-ID:
CWE-613 - Insufficient Session Expiration
Exploit availability: No
DescriptionThe vulnerability allows an attacker to gain access to sensitive information.
The vulnerability exists due to insufficient session expiration issue. If an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) HTTP request smuggling attack
EUVDB-ID: #VU13527
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-7656
CWE-ID:
CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to conduct an HTTP request smuggling attack on the target system.
The vulnerability exists due to improper handling of HTTP/0.9 requests. A remote attacker can send a specially crafted HTTP/0.9 request that submits malicious request headers, cause the software and an upstream HTTP agent to misinterpret the boundary of the request and poison the web cache on the system, which could be used to conduct further attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Resource exhaustion
EUVDB-ID: #VU68832
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-42004
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control usage of deeply nested arrays in BeanDeserializer._deserializeFromArray. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Insufficient Session Expiration
EUVDB-ID: #VU75768
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-38707
CWE-ID:
CWE-613 - Insufficient Session Expiration
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain access to sensitive information.
The vulnerability exists due to insufficient session expiration issue. A local attacker can obtain or guess session token and gain unauthorized access to session that belongs to another user.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Deserialization of Untrusted Data
EUVDB-ID: #VU68635
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-42003
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insecure input validation when processing serialized data when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. A remote attacker can pass specially crafted data to the application and cause a denial of service condition on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Insufficient verification of data authenticity
EUVDB-ID: #VU70441
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-37533
CWE-ID:
CWE-345 - Insufficient Verification of Data Authenticity
Exploit availability: No
DescriptionThe vulnerability allows an attacker to redirect victim to a malicious host.
The vulnerability exists due to the application trusts the host from PASV response by default. A remote attacker can trick the victim into connecting to an attacker controlled FTP server and then redirect the application to another host.
Install update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Path traversal
EUVDB-ID: #VU52252
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-29425
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error within the FileNameUtils.normalize method when processing directory traversal sequences, such as "//../foo", or "\..foo". A remote attacker can send a specially crafted request and verify files availability in the parent folder.
Install update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Cross-site scripting
EUVDB-ID: #VU65834
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-31160
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data when initializing a checkboxradio widget on an input enclosed within a label
makes that parent label contents considered as the input label. If .checkboxradio( "refresh" ) is called on such a
widget and the initial HTML contains encoded HTML entities, they will
erroneously get decoded and executed. A remote attacker can execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Prototype pollution
EUVDB-ID: #VU18092
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2019-11358
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary JavaScript code.
The vulnerability exists due to improper input validation. A remote attacker can pass specially crafted input to the application and perform prototype pollution, which can result in information disclosure or data manipulation.
Install update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
10) Cross-site scripting
EUVDB-ID: #VU14150
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2015-9251
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data when a cross-domain Ajax request is performed without the dataType option. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary text/javascript responses in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Cross-site scripting
EUVDB-ID: #VU27052
Risk: Low
CVSSv4.0: 2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P/U:Clear]
CVE-ID: CVE-2020-11022
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: Yes
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in the regex operation in "jQuery.htmlPrefilter". A remote attacker can pass specially crafted data to the application that uses .html()</code>, <code>.append() or similar methods for it and execute arbitrary JavaScript code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
12) Cross-site scripting
EUVDB-ID: #VU27519
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:A/U:Clear]
CVE-ID: CVE-2020-11023
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: Yes
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data when passing <option> elements to jQuery’s DOM manipulation methods. A remote attacker can execute arbitrary JavaScript code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
13) Information disclosure
EUVDB-ID: #VU13530
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-12536
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The vulnerability exists due to improper handling of queries that do not match the dynamic URL pattern for webapps that use default error handling settings. A remote attacker can send a query that submits malicious input, trigger a java.nio.file.InvalidPathException message, which could allow the attacker to view sensitive information, such as the software installation path.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Improper input validation
EUVDB-ID: #VU25067
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-10247
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Integrator Acquistion System (Eclipse Jetty) component in Oracle Endeca Information Discovery Integrator. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Improper input validation
EUVDB-ID: #VU52502
Risk: Medium
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-27218
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate or delete data.
The vulnerability exists due to improper input validation within the SC Admin server (Eclipse Jetty) component in Oracle Communications Converged Application Server - Service Controller. A remote non-authenticated attacker can exploit this vulnerability to manipulate or delete data.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Cross-site scripting
EUVDB-ID: #VU26320
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-10241
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in DefaultServlet or ResourceHandler that is configured for showing a Listing of directory contents. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Resource exhaustion
EUVDB-ID: #VU51876
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-28165
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when processing large TLS frames. A remote attacker can send specially crafted data to the server, trigger CPU high load and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Improper input validation
EUVDB-ID: #VU62397
Risk: Medium
CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2022-21449
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Libraries component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
19) Improper input validation
EUVDB-ID: #VU62401
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21434
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Libraries component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Improper input validation
EUVDB-ID: #VU62402
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-21443
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform service disruption.
The vulnerability exists due to improper input validation within the Libraries component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Improper input validation
EUVDB-ID: #VU68441
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-21624
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the JNDI component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Information Exposure Through Timing Discrepancy
EUVDB-ID: #VU71993
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-4304
CWE-ID:
CWE-208 - Information Exposure Through Timing Discrepancy
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain sensitive information.
The vulnerability exists due to a timing based side channel exists in the OpenSSL RSA Decryption implementation. A remote attacker can perform a Bleichenbacher style attack and decrypt data sent over the network.
To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE.
Install update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) HTTP request smuggling attack
EUVDB-ID: #VU13529
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-7658
CWE-ID:
CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to conduct an HTTP request smuggling attack on the target system.
The vulnerability exists due to improper handling HTTP requests that contain more than one content-length header. A remote attacker can send a specially crafted HTTP request that contains a transfer-encoding header and a content-length header, cause the software and an upstream HTTP agent to misinterpret the boundary of the request and to poison the web cache on the system, which could be used to conduct further attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Information disclosure
EUVDB-ID: #VU13528
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-7657
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The vulnerability exists due to improper handling of queries that do not match the dynamic URL pattern for webapps that use default error handling settings. A remote attacker can send a query that submits malicious input, trigger a java.nio.file.InvalidPathException message, which could allow the attacker to view sensitive information, such as the software installation path.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Input validation error
EUVDB-ID: #VU36036
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2018-12545
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
In Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to Denial of Service conditions if a remote client sends either large SETTINGs frames container containing many settings, or many small SETTINGs frames. The vulnerability is due to the additional CPU and memory allocations required to handle changed settings.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Memory leak
EUVDB-ID: #VU65832
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-2191
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform DoS attack on the target system.
The vulnerability exists due memory leak when handling incorrect TLS connections. A remote attacker can force the application to leak memory and perform denial of service attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Input validation error
EUVDB-ID: #VU65831
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-2047
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to insufficient validation of user-supplied input when parsing invalid URIs such as http://localhost;/path. A remote attacker can pass specially crafted input to the application and bypass implemented security restrictions, as the Jetty's HttpClient, and Jetty's ProxyServlet / AsyncProxyServlet / AsyncMiddleManServlet will wrongly interpret an authority of such URI as the one with a hostname.
Install update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Resource management error
EUVDB-ID: #VU65830
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-2048
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the application when handling invalid HTTP/2 requests. A remote attacker can send specially crafted requests to the server and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Improper input validation
EUVDB-ID: #VU52385
Risk: Medium
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2020-27223
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform service disruption.
The vulnerability exists due to improper input validation within the General (Eclipse Jetty) component in Oracle REST Data Services. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
30) Input validation error
EUVDB-ID: #VU53973
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-28169
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information..
The vulnerability exists due to a double decoding issue when parsing URI with certain characters. A remote attacker can send requests to the ConcatServlet and WelcomeFilter and view contents of protected resources within the WEB-INF directory.
Example:
/concat?/%2557EB-INF/web.xml
Install update from vendor's website.
Vulnerable software versionsIBM Cognos Command Center: before 10.2.4 Fix Pack 1 IF17
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/6983274
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
