IBM Cognos Command Center Open Redirect Vulnerability Allowing Phishing Attacks

Vulnerability

An open redirect vulnerability has been identified in IBM Cognos Command Center versions 10.2.4.1 and 10.2.5. This vulnerability could allow remote attackers to conduct phishing attacks by spoofing URLs and redirecting users to malicious websites that appear trusted. Exploitation of this vulnerability could lead to the theft of sensitive information or facilitate further attacks against the victim.

Impact

Successful exploitation could allow attackers to redirect users to malicious websites, potentially leading to phishing attacks or other forms of deception.

Remediation

Users are advised to upgrade to IBM Cognos Command Center 10.2.5 FP1 IF1, available for download from Fix Central.

Added: Aug 26, 2025, 5:24 PM
Updated: Aug 26, 2025, 5:24 PM

Vulnerability Rating

Custom Algorithm

spread: 1.4
impact: 5.0
exploitability: 6.0
remediation: 7.7
relevance: 0.4
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.