Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

Cognos Analytics — Vulnerabilities & Security Advisories 98

All 98 CVE vulnerabilities found in Cognos Analytics, with AI-generated Chinese analysis, references, and POCs.

This page provides a comprehensive aggregation of Common Weakness Enumeration (CWE) type vulnerabilities associated with the IBM Cognos Analytics software product. It serves as a centralized resource for security professionals and IT administrators to monitor the security posture of this enterprise business intelligence platform. The content on this page compiles a wide range of security flaws, including but not limited to remote code execution, cross-site scripting, and privilege escalation issues. It aggregates data from vendor advisories, security bulletins, and third-party research reports covering significant vulnerability discoveries over time. The collection focuses on identifying patterns in reported weaknesses to help stakeholders understand the evolving threat landscape specific to this analytics suite. Visitors to this page can effectively track vendor advisories issued by IBM to stay informed about newly disclosed risks. Users can also analyze the distribution of specific weakness classes to understand which areas of the software are most susceptible to exploitation. Furthermore, the aggregated history allows for a detailed look-up of past vulnerabilities, enabling teams to assess the long-term security maturity of the product and prioritize remediation efforts based on historical data and trend analysis.

Vendor: IBM Corporation

CVE IDTitleCVSSSeverityPublished
CVE-2024-52900 IBM Cognos Analytics cross-site scripting CWE-79 6.4 Medium2025-06-28
CVE-2025-0923 IBM Cognos Analytics information disclosure CWE-540 5.3 Medium2025-06-11
CVE-2025-0917 IBM Cognos Analytics cross-site scripting CWE-79 5.5 Medium2025-06-11
CVE-2025-25032 IBM Cognos Analytics denial of service CWE-770 7.5 High2025-06-11
CVE-2024-56340 IBM Cognos Analytics path traversal CWE-23 6.5 Medium2025-02-28
CVE-2025-0823 IBM MQ path traversal CWE-22 6.5 Medium2025-02-28
CVE-2024-49352 IBM Cognos Anaytics XML external entity injection CWE-611 7.1 High2025-02-05
CVE-2024-40695 IBM Cognos Analytics file upload CWE-434 8.0 High2024-12-20
CVE-2024-51466 IBM Cognos Analytics expression language injection CWE-917 9.0 Critical2024-12-20
CVE-2024-25042 IBM Cognos Analytics cross-site scripting CWE-79 5.4 Medium2024-12-18
CVE-2024-45082 IBM Cognos Analytics HTTP open redirection CWE-601 6.8 Medium2024-12-18
CVE-2024-41752 IBM Cognos Analytics HTML injection CWE-80 5.4 Medium2024-12-18
CVE-2024-40703 IBM Cognos Analytics information disclosure CWE-522 5.5 Medium2024-09-22
CVE-2024-25041 IBM Cognos Analytics cross-site scripting CWE-79 5.4 Medium2024-06-28
CVE-2024-25053 IBM Cognos Analytics improper certificate validation CWE-295 5.9 Medium2024-06-28
CVE-2024-25047 IBM Cognos Analytics log injection CWE-117 8.6 High2024-05-02
CVE-2023-43051 IBM Cognos Analytics cross-site scripting CWE-79 5.4 Medium2024-02-24
CVE-2022-34357 IBM Cognos Analytics Mobile Server denial of service CWE-770 6.5 Medium2024-02-24
CVE-2023-30996 IBM Cognos Analytics cross-origin resource sharing CWE-346 5.3 Medium2024-02-24
CVE-2023-32344 IBM Cognos Analytics cross-site request forgery CWE-352 4.3 Medium2024-02-24
CVE-2023-38359 IBM Cognos Analytics cross-site scripting CWE-79 6.1 Medium2024-02-24
CVE-2023-35011 IBM Cognos Analytics server-side request forgey CWE-918 5.4 Medium2023-08-16
CVE-2023-35009 IBM Cognos Analytics information disclosure CWE-209 5.3 Medium2023-08-16
CVE-2023-28530 IBM Cognos Analytics cross-site scripting CWE-79 5.4 Medium2023-07-22
CVE-2023-25929 IBM Cognos Analytics cross-site scripting CWE-79 4.6 Medium2023-07-22
CVE-2021-39036 IBM Cognos Analytics cross-site scripting CWE-79 6.1 Medium2023-05-12
CVE-2022-39160 IBM Cognos Analytics cross-site scripting CWE-79 6.1 Medium2022-12-19
CVE-2022-43883 IBM Cognos Analytics data manipulation 6.5 Medium2022-12-19
CVE-2022-43887 IBM Cognos Analytics information disclosure CWE-532 5.3 Medium2022-12-19
CVE-2022-38708 IBM Cognos Analytics server-side request forgery CWE-918 6.5 Medium2022-12-19

All 98 known CVE vulnerabilities affecting Cognos Analytics with full Chinese analysis, references, and POCs where available.