Vulnerability Description
IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF2, 10.1.1 before IF2, and 10.2 before IF1 allows remote attackers to conduct XPath injection attacks, and call XPath extension functions, via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Cognos Business Intelligence | 8.4.1 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21626697
- http://www-01.ibm.com/support/docview.wss?uid=swg24034373
- https://exchange.xforce.ibmcloud.com/vulnerabilities/79116
- http://www-01.ibm.com/support/docview.wss?uid=swg21626697
- http://www-01.ibm.com/support/docview.wss?uid=swg24034373
- https://exchange.xforce.ibmcloud.com/vulnerabilities/79116
FAQ
What is CVE-2012-4840?
CVE-2012-4840 is a vulnerability with a CVSS score of 5.0 (MEDIUM). IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF2, 10.1.1 before IF2, and 10.2 before IF1 allows remote attackers to conduct XPath injection attacks, and call XPath extension fun...
How severe is CVE-2012-4840?
CVE-2012-4840 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-4840?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Cognos Business Intelligence.