CVE-2023-30996 — Vulnetix

CVE-2023-30996 PUBLISHED CVSS 9.300000190734863 CRITICAL

IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to unverified sources in messages sent between Windows objects of different origins. IBM X-Force ID: 254290.

EPSS 0.07% · 22.3th percentile

Risk Scores

CVSS v4.0

9.300000190734863

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS Score

0.07%

22.3th percentile

Affected Products

Vendor	Product	Versions
ibm	cognos_analytics	11.2.4, 12.0.0, 11.1.7
netapp	oncommand_insight
IBM	Cognos Analytics	11.1.7, 11.2.4, 12.0.0
ibm	cognos_analytics	11.1.7, 11.1.7, 11.2.0

Timeline

Feb 24, 2024 CVE Published
Feb 25, 2024 EPSS Score
Mar 23, 2024 EPSS Score
Apr 18, 2024 EPSS Score
May 15, 2024 EPSS Score
Jun 11, 2024 EPSS Score
Jul 7, 2024 EPSS Score
Aug 3, 2024 EPSS Score
Aug 30, 2024 EPSS Score
Sep 25, 2024 EPSS Score
Oct 22, 2024 EPSS Score
Nov 18, 2024 EPSS Score

References

https://www.ibm.com/support/pages/node/7112541 advisory
https://www.ibm.com/support/pages/node/7125640 advisory
https://www.ibm.com/support/pages/node/7124466 advisory
https://www.ibm.com/support/pages/node/7112504 advisory
https://www.ibm.com/support/pages/node/7125461 advisory
https://www.ibm.com/support/pages/node/7123154 advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/254290 vdb
https://security.netapp.com/advisory/ntap-20240405-0004/ url
https://security.netapp.com/advisory/ntap-20240621-0006/ url
https://nvd.nist.gov/vuln/detail/CVE-2023-30996 advisory
https://security.netapp.com/advisory/ntap-20240405-0004 url
https://security.netapp.com/advisory/ntap-20240621-0006 url

Open in Interactive Console →