← back
CVE-2021-20470

CVE-2021-20470

CVSS 5.9 MEDIUMEPSS 1.4%
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.9EPSS 1.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
03 Dec 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Cognos Analytics 11.1.7 and 11.2.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 196339.
CVSS:3.0/UI:N/S:U/AC:H/I:N/AV:N/A:N/PR:N/C:H/E:U/RL:O/RC:C
Affected products
IBM · Cognos Analytics

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/196939https://security.netapp.com/advisory/ntap-20211223-0006/https://www.ibm.com/support/pages/node/6520510