CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 could allow an authenticated attacker to conduct formula injection. An attacker could execute arbitrary commands on the system, caused by improper validation of file contents.

CWE 1 Total

Learn more

CWE-502: CWE-502 Deserialization of Untrusted Data

CVSS 1 Total

Learn more

Score	Severity	Version	Vector String
8.0	HIGH	3.1	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Product Status

Learn more

Versions 1 Total

Default Status: unaffected

affected

Versions 1 Total

Default Status: unaffected

affected

References 1 Total

https://www.ibm.com/support/pages/node/7183597
external site
vendor-advisory

Authorized Data Publishers

Learn more

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: IBM Corporation

Description

CWE 1 Total

CVSS 1 Total

Product Status

References 1 Total

Authorized Data Publishers

CISA-ADP