Vulnerability in Ibm Cognos_express

CVE-2013-5444

The server in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to read encrypted credentials via unspecified vectors.

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.002 (45.3th percentile) — read the EPSS interpretation.

Affected products

Ibm Cognos_express — versions 9.0, 9.5, 10.1
N/a — versions n/a

Weakness classification (CWE)

CWE-310 — Cryptographic Issues

References

psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
ibm-cognos-cve20135444-weak-security(87820) (vdb-entry, x_refsource_XF)