CVE-2020-4951: Infoleak

Published Oct 15, 2021

Updated

IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local attacker to obtain sensitive information.

Other sources

IBM Cognos Analytics contains locally cached browser data, that could allow a local attacker to obtain sensitive information.

Affected Software

3 affected components

IBM Cognos Analytics=11.1.7

IBM Cognos Analytics=11.2.0

NetApp OnCommand Insight

Remediation

Patch Available

https://www.ibm.com/support/pages/node/6491661

Event History

Oct 15, 2021

CVE Published

via MITRE·03:55 PM

Data Sourced

via MITRE·03:55 PM

DescriptionSeverityWeakness

Aug 3, 2024

Data Sourced

via IBM·10:19 PM

DescriptionSeverityAffected Software

Parent advisories

This vulnerability appears in the following advisories.

IBM-6491661

Frequently Asked Questions

What is the vulnerability ID for this issue?

The vulnerability ID is CVE-2020-4951.

What software versions are affected by this vulnerability?

IBM Cognos Analytics versions 11.1.7 and 11.2.0 are affected.

What is the severity of CVE-2020-4951?

The severity of CVE-2020-4951 is medium.

How can a local attacker exploit this vulnerability?

A local attacker can exploit this vulnerability by obtaining sensitive information from locally cached browser data.

Are there any references available for this vulnerability?

Yes, you can find references for this vulnerability at the following links: [link1], [link2], [link3].