CVE-2020-4876

IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 190839.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:ibm:cognos_controller:10.4.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_controller:10.4.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_controller:10.4.2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Information

Published : 2022-01-21 10:15

Updated : 2022-01-27 10:51


NVD link : CVE-2020-4876

Mitre link : CVE-2020-4876


JSON object : View

CWE
CWE-611

Improper Restriction of XML External Entity Reference

Advertisement

dedicated server usa

Products Affected

microsoft

  • windows

ibm

  • cognos_controller