CVE-2020-4685 is a vulnerability in IBM Cognos Controller
Published on November 11, 2020

A low level user of IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, 10.4.1, and 10.4.2 who has Administration rights to the server where the application is installed, can escalate their privilege from Low level to Super Admin and gain access to Create/Update/Delete any level of user in Cognos Controller. IBM X-Force ID: 186625.

NVD

Products Associated with CVE-2020-4685

Want to know whenever a new CVE is published for IBM Cognos Controller? stack.watch will email you.

IBM Cognos Controller

Affected Versions

IBM Cognos Controller:

Version 10.3.1 is affected.
Version 10.3.0 is affected.
Version 10.4.0 is affected.
Version 10.4.1 is affected.
Version 10.4.2 is affected.

Exploit Probability

EPSS

0.52%

Percentile

66.58%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-4685 is a vulnerability in IBM Cognos ControllerPublished on November 11, 2020

Products Associated with CVE-2020-4685

Affected Versions

Exploit Probability

CVE-2020-4685 is a vulnerability in IBM Cognos Controller
Published on November 11, 2020