Refine your search
7 vulnerabilities found for Cognos Command Center by IBM
CERTFR-2026-AVI-0224
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
IBM indique les versions correctives 9.0.5.27 et 26.0.0.3 pour WebSphere Application Server seront disponibles au cours du premier trimestre 2026. La version 8.5.5.30 sera disponible au troisième trimestre 2026.
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | WebSphere | WebSphere Application Server versions 8.x antérieures à 8.5.5.30 | ||
| IBM | WebSphere | WebSphere Application Server - Liberty versions antérieures à 26.0.0.3 | ||
| IBM | QRadar Assistant | QRadar AI Assistant versions antérieures à 1.3.1 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.1.x antérieures à 6.1.0.3 GA | ||
| IBM | QRadar | QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP14 IF05 | ||
| IBM | Sterling | Sterling Transformation Extender sans l'application des mesures de contournement décrites par l'éditeur | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.2.1.x antérieures à 6.2.1.1 GA | ||
| IBM | Db2 | Db2 mirror pour i sans les derniers correctifs de sécurité | ||
| IBM | WebSphere | WebSphere Application Server versions 9.x antérieures à 9.0.5.27 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.2.x antérieures à 6.2.0.3 GA | ||
| IBM | Cognos Command Center | Cognos Command Center versions antérieures à 10.2.5 FP1 IF3 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "WebSphere Application Server versions 8.x ant\u00e9rieures \u00e0 8.5.5.30",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server - Liberty versions ant\u00e9rieures \u00e0 26.0.0.3",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar AI Assistant versions ant\u00e9rieures \u00e0 1.3.1",
"product": {
"name": "QRadar Assistant",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.3 GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP14 IF05",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Transformation Extender sans l\u0027application des mesures de contournement d\u00e9crites par l\u0027\u00e9diteur",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.2.1.x ant\u00e9rieures \u00e0 6.2.1.1 GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 mirror pour i sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server versions 9.x ant\u00e9rieures \u00e0 9.0.5.27",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.3 GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Command Center versions ant\u00e9rieures \u00e0 10.2.5 FP1 IF3",
"product": {
"name": "Cognos Command Center",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "IBM indique les versions correctives 9.0.5.27 et 26.0.0.3 pour WebSphere Application Server seront disponibles au cours du premier trimestre 2026. La version 8.5.5.30 sera disponible au troisi\u00e8me trimestre 2026.",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-21933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
},
{
"name": "CVE-2026-21932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
},
{
"name": "CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"name": "CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"name": "CVE-2025-65106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65106"
},
{
"name": "CVE-2026-22610",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22610"
},
{
"name": "CVE-2025-66412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66412"
},
{
"name": "CVE-2025-40240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40240"
},
{
"name": "CVE-2025-69223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69223"
},
{
"name": "CVE-2025-66035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66035"
},
{
"name": "CVE-2025-68664",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68664"
},
{
"name": "CVE-2026-22701",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22701"
},
{
"name": "CVE-2026-23745",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23745"
},
{
"name": "CVE-2026-22690",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22690"
},
{
"name": "CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"name": "CVE-2025-69230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69230"
},
{
"name": "CVE-2025-66019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66019"
},
{
"name": "CVE-2026-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
},
{
"name": "CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"name": "CVE-2025-69225",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69225"
},
{
"name": "CVE-2026-21860",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21860"
},
{
"name": "CVE-2025-40277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40277"
},
{
"name": "CVE-2023-53673",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53673"
},
{
"name": "CVE-2026-1615",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1615"
},
{
"name": "CVE-2025-69227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69227"
},
{
"name": "CVE-2026-1188",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1188"
},
{
"name": "CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"name": "CVE-2025-68146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68146"
},
{
"name": "CVE-2025-66030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66030"
},
{
"name": "CVE-2025-61140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61140"
},
{
"name": "CVE-2025-66221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66221"
},
{
"name": "CVE-2025-69228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69228"
},
{
"name": "CVE-2025-39993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39993"
},
{
"name": "CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"name": "CVE-2025-40154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40154"
},
{
"name": "CVE-2025-13601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13601"
},
{
"name": "CVE-2025-69226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69226"
},
{
"name": "CVE-2026-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
},
{
"name": "CVE-2025-40248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40248"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-69224",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69224"
},
{
"name": "CVE-2025-64756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64756"
},
{
"name": "CVE-2025-69229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69229"
},
{
"name": "CVE-2025-68480",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68480"
},
{
"name": "CVE-2025-14847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14847"
},
{
"name": "CVE-2025-68285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68285"
},
{
"name": "CVE-2025-68615",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68615"
},
{
"name": "CVE-2026-22691",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22691"
},
{
"name": "CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
}
],
"initial_release_date": "2026-02-27T00:00:00",
"last_revision_date": "2026-02-27T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0224",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-02-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2026-02-26",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261959",
"url": "https://www.ibm.com/support/pages/node/7261959"
},
{
"published_at": "2026-02-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261794",
"url": "https://www.ibm.com/support/pages/node/7261794"
},
{
"published_at": "2026-02-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261890",
"url": "https://www.ibm.com/support/pages/node/7261890"
},
{
"published_at": "2026-02-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261887",
"url": "https://www.ibm.com/support/pages/node/7261887"
},
{
"published_at": "2026-02-26",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261935",
"url": "https://www.ibm.com/support/pages/node/7261935"
},
{
"published_at": "2026-02-20",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261436",
"url": "https://www.ibm.com/support/pages/node/7261436"
},
{
"published_at": "2026-02-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261774",
"url": "https://www.ibm.com/support/pages/node/7261774"
}
]
}
CVE-2025-1994 (GCVE-0-2025-1994)
Vulnerability from cvelistv5
Published
2025-08-26 16:49
Modified
2025-08-26 17:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-242 - Use of Inherently Dangerous Function
Summary
IBM Cognos Command Center 10.2.4.1 and 10.2.5
could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the BinaryFormatter function.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Cognos Command Center |
Version: 10.2.4.1 Version: 10.2.5 cpe:2.3:a:ibm:cognos_command_center:10.2.4.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:cognos_command_center:10.2.5:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1994",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-26T17:35:43.289596Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:35:50.942Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:cognos_command_center:10.2.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:cognos_command_center:10.2.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Cognos Command Center",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "10.2.4.1"
},
{
"status": "affected",
"version": "10.2.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Cognos Command Center 10.2.4.1 and 10.2.5 \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ecould allow a local user to execute arbitrary code on the system due to the use of unsafe use of the BinaryFormatter function.\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "IBM Cognos Command Center 10.2.4.1 and 10.2.5 \n\n\n\ncould allow a local user to execute arbitrary code on the system due to the use of unsafe use of the BinaryFormatter function."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-242",
"description": "CWE-242 Use of Inherently Dangerous Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T16:49:03.832Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7242159"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading.\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eAffected Product(s)\u003c/td\u003e\u003ctd\u003eVersion\u003c/td\u003e\u003ctd\u003eFix\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Cognos Command Center\u003c/td\u003e\u003ctd\u003e10.2.5\u003c/td\u003e\u003ctd\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/node/7239167\"\u003eIBM Cognos Command Center 10.2.5 FP1 IF1 available for download from Fix Central\u003c/a\u003e\u003c/span\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Cognos Command Center\u003c/td\u003e\u003ctd\u003e10.2.4.1\u003c/td\u003e\u003ctd\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/node/7239167\"\u003eIBM Cognos Command Center 10.2.5 FP1 IF1 available for download from Fix Central\u003c/a\u003e\u003c/span\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\n\n\u003cbr\u003e"
}
],
"value": "IBM strongly recommends addressing the vulnerability now by upgrading.\n\nAffected Product(s)VersionFixIBM Cognos Command Center10.2.5 IBM Cognos Command Center 10.2.5 FP1 IF1 available for download from Fix Central https://www.ibm.com/support/pages/node/7239167 IBM Cognos Command Center10.2.4.1 IBM Cognos Command Center 10.2.5 FP1 IF1 available for download from Fix Central https://www.ibm.com/support/pages/node/7239167"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Cognos Command Center code execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-1994",
"datePublished": "2025-08-26T16:49:03.832Z",
"dateReserved": "2025-03-05T16:10:32.378Z",
"dateUpdated": "2025-08-26T17:35:50.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2697 (GCVE-0-2025-2697)
Vulnerability from cvelistv5
Published
2025-08-26 16:47
Modified
2025-08-26 17:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Summary
IBM Cognos Command Center 10.2.4.1 and 10.2.5
could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Cognos Command Center |
Version: 10.2.4.1 Version: 10.2.5 cpe:2.3:a:ibm:cognos_command_center:10.2.4.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:cognos_command_center:10.2.5:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2697",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-26T17:36:02.720697Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:36:08.348Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:cognos_command_center:10.2.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:cognos_command_center:10.2.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Cognos Command Center",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "10.2.4.1"
},
{
"status": "affected",
"version": "10.2.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Cognos Command Center 10.2.4.1 and 10.2.5 \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ecould allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.\u003c/span\u003e"
}
],
"value": "IBM Cognos Command Center 10.2.4.1 and 10.2.5 \n\ncould allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T16:47:25.981Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7242159"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading.\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eAffected Product(s)\u003c/td\u003e\u003ctd\u003eVersion\u003c/td\u003e\u003ctd\u003eFix\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Cognos Command Center\u003c/td\u003e\u003ctd\u003e10.2.5\u003c/td\u003e\u003ctd\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/node/7239167\"\u003eIBM Cognos Command Center 10.2.5 FP1 IF1 available for download from Fix Central\u003c/a\u003e\u003c/span\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Cognos Command Center\u003c/td\u003e\u003ctd\u003e10.2.4.1\u003c/td\u003e\u003ctd\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/node/7239167\"\u003eIBM Cognos Command Center 10.2.5 FP1 IF1 available for download from Fix Central\u003c/a\u003e\u003c/span\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\n\n\u003cbr\u003e"
}
],
"value": "IBM strongly recommends addressing the vulnerability now by upgrading.\n\nAffected Product(s)VersionFixIBM Cognos Command Center10.2.5 IBM Cognos Command Center 10.2.5 FP1 IF1 available for download from Fix Central https://www.ibm.com/support/pages/node/7239167 IBM Cognos Command Center10.2.4.1 IBM Cognos Command Center 10.2.5 FP1 IF1 available for download from Fix Central https://www.ibm.com/support/pages/node/7239167"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Cognos Command Center HTTP Open Redirect",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-2697",
"datePublished": "2025-08-26T16:47:25.981Z",
"dateReserved": "2025-03-23T16:28:25.483Z",
"dateUpdated": "2025-08-26T17:36:08.348Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1494 (GCVE-0-2025-1494)
Vulnerability from cvelistv5
Published
2025-08-26 16:45
Modified
2025-08-26 17:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1021 - Improper Restriction of Rendered UI Layers or Frames
Summary
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Cognos Command Center |
Version: 10.2.4.1 Version: 10.2.5 cpe:2.3:a:ibm:cognos_command_center:10.2.4.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:cognos_command_center:10.2.5:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1494",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-26T17:36:21.928358Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:36:26.140Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:cognos_command_center:10.2.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:cognos_command_center:10.2.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Cognos Command Center",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "10.2.4.1"
},
{
"status": "affected",
"version": "10.2.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim\u0027s click actions and possibly launch further attacks against the victim."
}
],
"value": "IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim\u0027s click actions and possibly launch further attacks against the victim."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1021",
"description": "CWE-1021 Improper Restriction of Rendered UI Layers or Frames",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T16:45:35.076Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7242159"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading.\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eAffected Product(s)\u003c/td\u003e\u003ctd\u003eVersion\u003c/td\u003e\u003ctd\u003eFix\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Cognos Command Center\u003c/td\u003e\u003ctd\u003e10.2.5\u003c/td\u003e\u003ctd\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/node/7239167\"\u003eIBM Cognos Command Center 10.2.5 FP1 IF1 available for download from Fix Central\u003c/a\u003e\u003c/span\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Cognos Command Center\u003c/td\u003e\u003ctd\u003e10.2.4.1\u003c/td\u003e\u003ctd\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/node/7239167\"\u003eIBM Cognos Command Center 10.2.5 FP1 IF1 available for download from Fix Central\u003c/a\u003e\u003c/span\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\n\n\u003cbr\u003e"
}
],
"value": "IBM strongly recommends addressing the vulnerability now by upgrading.\n\nAffected Product(s)VersionFixIBM Cognos Command Center10.2.5 IBM Cognos Command Center 10.2.5 FP1 IF1 available for download from Fix Central https://www.ibm.com/support/pages/node/7239167 IBM Cognos Command Center10.2.4.1 IBM Cognos Command Center 10.2.5 FP1 IF1 available for download from Fix Central https://www.ibm.com/support/pages/node/7239167"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Cognos Command Center clickjacking",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-1494",
"datePublished": "2025-08-26T16:45:35.076Z",
"dateReserved": "2025-02-20T02:17:49.762Z",
"dateUpdated": "2025-08-26T17:36:26.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31899 (GCVE-0-2024-31899)
Vulnerability from cvelistv5
Published
2024-09-26 13:34
Modified
2024-09-26 17:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-256 - Plaintext Storage of a Password
Summary
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to an authenticated user with physical access to the device.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Cognos Command Center |
Version: 10.2.4.1, 10.2.5 cpe:2.3:a:ibm:cognos_command_center:10.2.5:*:*:*:*:*:*:* cpe:2.3:a:ibm:cognos_command_center:10.2.4.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31899",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T17:03:17.985272Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T17:04:12.761Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:cognos_command_center:10.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:cognos_command_center:10.2.4.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Cognos Command Center",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "10.2.4.1, 10.2.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to an authenticated user with physical access to the device."
}
],
"value": "IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to an authenticated user with physical access to the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256 Plaintext Storage of a Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T13:34:57.008Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/7149734"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Cognos Command Center information disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-31899",
"datePublished": "2024-09-26T13:34:57.008Z",
"dateReserved": "2024-04-07T12:44:57.197Z",
"dateUpdated": "2024-09-26T17:04:12.761Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50324 (GCVE-0-2023-50324)
Vulnerability from cvelistv5
Published
2024-03-01 01:58
Modified
2024-08-02 22:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
IBM Cognos Command Center 10.2.4.1 and 10.2.5 exposes details the X-AspNet-Version Response Header that could allow an attacker to obtain information of the application environment to conduct further attacks. IBM X-Force ID: 275038.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Cognos Command Center |
Version: 10.2.4.1, 10.2.5 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:cognos_command_center:10.2.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "cognos_command_center",
"vendor": "ibm",
"versions": [
{
"status": "affected",
"version": "10.2.5"
}
]
},
{
"cpes": [
"cpe:2.3:a:ibm:cognos_command_center:10.2.4.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "cognos_command_center",
"vendor": "ibm",
"versions": [
{
"status": "affected",
"version": "10.2.4.1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50324",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-04T20:37:18.671543Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-12T22:02:55.939Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:16:46.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/7112504"
},
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/275038"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cognos Command Center",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "10.2.4.1, 10.2.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Cognos Command Center 10.2.4.1 and 10.2.5 exposes details the X-AspNet-Version Response Header that could allow an attacker to obtain information of the application environment to conduct further attacks. IBM X-Force ID: 275038."
}
],
"value": "IBM Cognos Command Center 10.2.4.1 and 10.2.5 exposes details the X-AspNet-Version Response Header that could allow an attacker to obtain information of the application environment to conduct further attacks. IBM X-Force ID: 275038."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-01T01:58:09.921Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/7112504"
},
{
"tags": [
"vdb-entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/275038"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Cognos Command Center information disclosure",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2023-50324",
"datePublished": "2024-03-01T01:58:09.921Z",
"dateReserved": "2023-12-07T01:29:21.981Z",
"dateUpdated": "2024-08-02T22:16:46.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38707 (GCVE-0-2022-38707)
Vulnerability from cvelistv5
Published
2023-05-05 13:54
Modified
2025-01-29 16:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-613 - Insufficient Session Expiration
Summary
IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 234179.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Cognos Command Center |
Version: 10.2.4.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:02:14.515Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6983274"
},
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/234179"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-38707",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T16:55:58.091573Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T16:56:04.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cognos Command Center",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "10.2.4.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 234179."
}
],
"value": "IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 234179."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-05T13:54:45.562Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/6983274"
},
{
"tags": [
"vdb-entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/234179"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Cognos Command Center information disclosure",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2022-38707",
"datePublished": "2023-05-05T13:54:45.562Z",
"dateReserved": "2022-08-23T16:35:16.509Z",
"dateUpdated": "2025-01-29T16:56:04.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}