Primary

Context

IBM Cognos Analytics Source Code Exposure Vulnerability

Vulnerability

Patched

A vulnerability exists in IBM Cognos Analytics versions 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4, where the application stores source code on the web server. This could potentially facilitate further attacks against the system.

Impact

The exposure of source code on the web server could lead to additional attacks against the system.

Remediation

Users can upgrade to IBM Cognos Analytics 12.0.4 Fix Pack 1 or IBM Cognos Analytics 11.2.4.5 Interim Fix 5. Instructions for downloading these versions are available on the IBM Support website.

Added: Jun 11, 2025, 6:18 PM

Updated: Jun 11, 2025, 6:18 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

0.0

exploitability

7.0

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

0.0

exploitability

7.0

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Cognos Analytics Source Code Exposure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

IBM Cognos Analytics

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating