CVE-2020-4561

Summary

IBM Cognos Analytics 11.0 and 11.1 DQM API allows submitting of all control requests in unauthenticated sessions. This allows a remote attacker who can access a valid CA endpoint to read and write files to the Cognos Analytics system. IBM X-Force ID: 183903.

Affected Software

VendorProductVersion RangeStatus
IBMCognos Analytics11.0affected
IBMCognos Analytics11.1affected

Weaknesses

  • Gain Access

ADP Enrichment

CVE Program Container

Additional References

References