Vulnerability CVE-2014-0863
Published: 2014-09-04   Modified: 2014-09-05

Description:
The client in IBM Cognos TM1 9.5.2.3 before IF5, 10.1.1.2 before IF1, 10.2.0.2 before IF1, and 10.2.2.0 before IF1 stores obfuscated passwords in memory, which allows remote authenticated users to obtain sensitive cleartext information via an unspecified security tool.

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4/10
2.9/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
IBM -> Cognos tm1 

 References:
http://www-01.ibm.com/support/docview.wss?uid=swg21682397
http://www.securityfocus.com/bid/69594
http://www.securitytracker.com/id/1030805
http://xforce.iss.net/xforce/xfdb/90937
Copyright 2024, cxsecurity.com

 

Back to Top