Primary

Context

IBM Cognos Command Center Clickjacking Vulnerability

Vulnerability

Patched

A clickjacking vulnerability has been identified in IBM Cognos Command Center versions 10.2.4.1 and 10.2.5. This vulnerability could allow a remote attacker to hijack the clicking actions of a victim. By convincing the victim to visit a malicious website, the attacker could exploit this issue to take control of the victim's clicks and potentially launch further attacks against them.

Impact

Exploitation of this vulnerability could lead to unauthorized actions being performed on behalf of the victim, potentially allowing for further attacks against them.

Remediation

Users are advised to upgrade to IBM Cognos Command Center 10.2.5 FP1 IF1, available for download from Fix Central.

Added: Aug 26, 2025, 5:26 PM

Updated: Aug 26, 2025, 5:26 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

1.7

exploitability

6.0

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

1.7

exploitability

6.0

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Cognos Command Center Clickjacking Vulnerability

Vulnerability

Impact

Remediation

Affected Products

IBM Cognos Command Center

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating