Detections
Analytics

IBM Cognos Analytics 11.2.x < 11.2.4 FP4 / 12.0.x < 12.0.4 Multiple Vulnerabilities (7173592)

critical Nessus Plugin ID 213274

Language:

Synopsis

The remote host is missing one or more security updates.

Description

The version of IBM Cognos Analytics installed on the remote host is prior to 11.2.4 FP4 or 12.0.4. It is, therefore, affected by multiple vulnerabilities as referenced in the 7173592 advisory.

 - An arbitrary file upload vulnerability in formidable v3.1.4 allows attackers to execute arbitrary code via a crafted filename. NOTE: some third parties dispute this issue because the product has common use cases in which uploading arbitrary files is the desired behavior. Also, there are configuration options in all versions that can change the default behavior of how files are handled. Strapi does not consider this to be a valid vulnerability. (CVE-2022-29622)

 - Node.js IP package could allow a remote attacker to execute arbitrary code on the system, caused by a server-side request forgery flaw in the ip.isPublic() function. By sending a specially crafted request using a hexadecimal representation of a private IP address, an attacker could exploit this vulnerability to execute arbitrary code on the system and obtain sensitive information. (CVE-2023-42282)
- Multiple vendors are vulnerable to a denial of service, caused by a flaw in handling multiplexed streams in the HTTP/2 protocol. By sending numerous HTTP/2 requests and RST_STREAM frames over multiple streams, a remote attacker could exploit this vulnerability to cause a denial of service due to server resource consumption. (CVE-2023-44487)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to IBM Cognos Analytics version 11.2.4 FP4 / 12.0.4 or later.

See Also

https://www.ibm.com/support/pages/node/7173592

Plugin Details

Severity: Critical

ID: 213274

File Name: ibm_cognos_7173592.nasl

Version: 1.4

Type: remote

Family: CGI abuses

Published: 12/20/2024

Updated: 1/3/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2022-29622

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

CVSS Score Source: CVE-2023-42282

CVSS v4

Risk Factor: Critical

Base Score: 9.3

Threat Score: 9.3

Threat Vector: CVSS:4.0/E:A

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CVSS Score Source: CVE-2023-44487

Vulnerability Information

CPE: cpe:/a:ibm:cognos_analytics

Required KB Items: installed_sw/IBM Cognos Analytics

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/27/2024

Vulnerability Publication Date: 6/22/2018

CISA Known Exploited Vulnerability Due Dates: 10/31/2023

Reference Information

CVE: CVE-2018-12538, CVE-2018-12545, CVE-2019-10241, CVE-2020-27216, CVE-2021-28169, CVE-2021-34428, CVE-2022-29622, CVE-2023-26048, CVE-2023-26049, CVE-2023-36479, CVE-2023-38737, CVE-2023-40167, CVE-2023-41900, CVE-2023-42282, CVE-2023-44483, CVE-2023-44487, CVE-2023-46809, CVE-2023-50312, CVE-2023-51775, CVE-2023-52428, CVE-2024-21890, CVE-2024-21891, CVE-2024-21892, CVE-2024-21896, CVE-2024-22017, CVE-2024-22019, CVE-2024-22025, CVE-2024-22329, CVE-2024-25042, CVE-2024-27270, CVE-2024-29415

IAVB: 2024-B-0196-S