CVE-2016-3037
N/A
N/A
Summary
IBM Cognos TM1 10.1 and 10.2 provides a service to return the victim's password with a valid session key. An authenticated attacker with user interaction could obtain this sensitive information. IBM X-Force ID: 114613.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM Corporation | Cognos TM1 | 10.1 | affected |
| IBM Corporation | Cognos TM1 | 10.1.1 | affected |
| IBM Corporation | Cognos TM1 | 10.2.0.2 | affected |
| IBM Corporation | Cognos TM1 | 10.2.2 | affected |
| IBM Corporation | Cognos TM1 | 10.1.1.2 | affected |
| IBM Corporation | Cognos TM1 | 10.2 | affected |
Weaknesses
- Obtain Information
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.