Vulnerability Description
IBM Cognos TM1 10.2.0.2 before IF1 and 10.2.2.0 before IF1 allows remote attackers to bypass intended access restrictions by visiting the Rights page and then following a generated link.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Cognos Tm1 | 10.2.0.2 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21682395PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91064
- http://www-01.ibm.com/support/docview.wss?uid=swg21682395PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91064
FAQ
What is CVE-2014-0877?
CVE-2014-0877 is a vulnerability with a CVSS score of 5.0 (MEDIUM). IBM Cognos TM1 10.2.0.2 before IF1 and 10.2.2.0 before IF1 allows remote attackers to bypass intended access restrictions by visiting the Rights page and then following a generated link.
How severe is CVE-2014-0877?
CVE-2014-0877 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0877?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Cognos Tm1.