IBM Cognos Business Intelligence 10.2.2 Cross-Site Request Forgery (CSRF) Vulnerability

Summary

IBM Cognos Business Intelligence is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

Credit:

The information has been provided by William Jardine.

The original article can be found at:https://www.ibm.com/support/pages/node/1142626


Details

IBM Cognos Business Intelligence 10.2.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

 

Vulnerable Systems:

IBM Cognos Business Intelligence 10.2.2

 

CVE Information:

CVE-2018-1934

 

Disclosure Timeline:
Published Date:12/20/2019