Rewterz Threat Advisory – Multiple IBM Cognos Analytics Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-43051 CVSS:5.4

IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2023-38359 CVSS:6.1

IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2023-32344 CVSS:4.3

IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path.

CVE-2023-30996 CVSS:5.3

IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to unverified sources in messages sent between Windows objects of different origins.

CVE-2022-34357 CVSS:6.5

IBM Cognos Analytics Mobile Server 11.1.7, 11.2.4, and 12.0.0 is vulnerable to Denial of Service due to due to weak or absence of rate limiting. By making unlimited http requests, it is possible for a single user to exhaust server resources over a period of time making service unavailable for other legitimate users.

Impact

• Denial of Service
• Gain Access
• Information Gain
• Cross-Site Scripting

Indicators Of Compromise

CVE

• CVE-2023-43051
• CVE-2023-38359
• CVE-2023-32344
• CVE-2023-30996
• CVE-2022-34357

Affected Vendors

IBM

Affected Products

• IBM Cognos Analytics 11.1.7
• IBM Cognos Analytics 11.2.4
• IBM Cognos Analytics 12.0.0

Remediation

Refer to IBM Security Advisory for patch, upgrade, or suggested workaround information.

CVE-2023-43051

CVE-2023-38359

CVE-2023-32344

CVE-2023-30996

CVE-2022-34357