Vulnerability in Ibm Cognos_express

CVE-2013-5445

IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows local users to obtain sensitive cleartext information by leveraging knowledge of a static decryption key.

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.002 (43.5th percentile) — read the EPSS interpretation.

Affected products

Ibm Cognos_express — versions 9.0, 9.5, 10.1
N/a — versions n/a

Weakness classification (CWE)

CWE-310 — Cryptographic Issues

References

ibm-cognos-cve20135445-info-disc(87821) (vdb-entry, x_refsource_XF)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)