IBM Cognos TM1 CVE-2016-3036 Denial of Service Vulnerability

IBM Cognos TM1 is prone to a denial-of-service vulnerability in the undocumented API.

Attackers can exploit this issue to cause denial-of-service conditions.

Information

Bugtraq ID: 97918
Class: Input Validation Error
CVE: CVE-2016-3036

Remote: Yes
Local: No
Published: Apr 13 2017 12:00AM
Updated: Apr 19 2017 09:05PM
Credit: Stephen Deck at Synovus
Vulnerable: IBM Cognos TM1 10.2.2
IBM Cognos TM1 10.2
IBM Cognos TM1 10.1.0

Not Vulnerable: IBM Cognos TM1 10.2.2 Fix Pack 7
IBM Cognos TM1 10.2.0.2 Interim Fix
IBM Cognos TM1 10.1.1.2 Interim Fix

References:

Cognos TM1 Homepage (IBM)
IBM Homepage (IBM)
swg21999649 : Multiple Security Vulnerabilities exist in IBM Cognos TM1 (IBM)

Source: www.securityfocus.com

Exploit Collector

Search Exploit

IBM Cognos TM1 CVE-2016-3036 Denial of Service Vulnerability

Information