Vulnerability Details : CVE-2013-5444
The server in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to read encrypted credentials via unspecified vectors.
Exploit prediction scoring system (EPSS) score for CVE-2013-5444
Probability of exploitation activity in the next 30 days: 0.20%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 57 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2013-5444
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2013-5444
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-5444
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/87820
IBM Cognos Express weak security CVE-2013-5444 Vulnerability Report
-
http://www-01.ibm.com/support/docview.wss?uid=swg21667626
IBM Security Bulletin: Multiple vulnerabilities in IBM Cognos Express (CVE-2013-5443, CVE-2013-5445, CVE-2013-5444, CVE-2013-2407, CVE-2013-2450, CVE-2013-0169, CVE-2013-1478, CVE-2013-1480)Vendor Advisory
Products affected by CVE-2013-5444
- cpe:2.3:a:ibm:cognos_express:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:cognos_express:10.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:cognos_express:9.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:cognos_express:10.2.1:*:*:*:*:*:*:*