CVE-2022-43887

IBM Cognos Analytics information disclosure

CVSS 5.3 MEDIUMEPSS 0.5%CWE-532

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could be vulnerable to sensitive information exposure by passing API keys to log files. If these keys contain sensitive information, it could lead to further attacks. IBM X-Force ID: 240450.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

IBM · Cognos Analytics

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/240450 https://www.ibm.com/support/pages/node/6841801