CVE-2022-34357
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/02/2024
Last modified:
17/12/2024
Description
IBM Cognos Analytics Mobile Server 11.1.7, 11.2.4, and 12.0.0 is vulnerable to Denial of Service due to due to weak or absence of rate limiting. By making unlimited http requests, it is possible for a single user to exhaust server resources over a period of time making service unavailable for other legitimate users. IBM X-Force ID: 230510.
Impact
Base Score 3.x
6.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:cognos_analytics:*:*:*:*:*:*:*:* | 11.1.1 (including) | 11.1.7 (excluding) |
| cpe:2.3:a:ibm:cognos_analytics:*:*:*:*:*:*:*:* | 11.2.0 (including) | 11.2.4 (excluding) |
| cpe:2.3:a:ibm:cognos_analytics:11.1.7:-:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:cognos_analytics:11.1.7:fixpack1:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:cognos_analytics:11.1.7:fixpack2:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:cognos_analytics:11.1.7:fixpack3:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:cognos_analytics:11.1.7:fixpack4:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:cognos_analytics:11.1.7:fixpack5:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:cognos_analytics:11.1.7:fixpack6:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:cognos_analytics:11.1.7:fixpack7:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:cognos_analytics:11.2.4:-:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:cognos_analytics:11.2.4:fixpack1:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:cognos_analytics:11.2.4:fixpack2:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:cognos_analytics:12.0.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://exchange.xforce.ibmcloud.com/vulnerabilities/230510
- https://security.netapp.com/advisory/ntap-20240405-0001/
- https://security.netapp.com/advisory/ntap-20240621-0006/
- https://www.ibm.com/support/pages/node/7123154
- https://exchange.xforce.ibmcloud.com/vulnerabilities/230510
- https://security.netapp.com/advisory/ntap-20240405-0001/
- https://security.netapp.com/advisory/ntap-20240621-0006/
- https://www.ibm.com/support/pages/node/7123154