CVE-2019-4175

Description

IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158880.

CVSS breakdown

CVSS 3.0

Availability

None

User Interaction

None

Confidentiality

High

Integrity

None

Privileges Required

None

Attack Complexity

High

Scope

Unchanged

Attack Vector

Network

Unchanged

Changed

Affected products

ibm / cognos_controller10.3.1 – 10.3.1
ibm / cognos_controller10.3.0 – 10.3.0
ibm / cognos_controller10.4.0 – 10.4.0
ibm / cognos_controller10.4.1 – 10.4.1

References

MISChttps://www.ibm.com/support/pages/security-bulletin-security-vulnerabilties-exist-ibm-cognos-controller
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/158880