CVE-2016-8960

HIGH

8.8

CVSS Severity Score

EPSS Score0.0980%

EPSS Percentile11.64th

PublishedMar 27, 2017

Last ModifiedMay 13, 2026

Vulnerability Description

IBM Cognos Business Intelligence 10.2 could allow a user with lower privilege Capabilities to adopt the Capabilities of a higher-privilege user by intercepting the higher-privilege user's cookie value from its HTTP request and then reusing it in subsequent requests. IBM Reference #: 1993718.

Affected Platforms (CPE)

📦

Ibm

Cognos Business Intelligence

= 10.2

📦

Ibm

Cognos Business Intelligence

= 10.2.1

📦

Ibm

Cognos Business Intelligence

= 10.2.1.1

📦

Ibm

Cognos Business Intelligence

= 10.2.2

References & Advisories

🔗 http://www.ibm.com/support/docview.wss?uid=swg21993718

🔗 http://www.securityfocus.com/bid/96963

🔗 http://www.ibm.com/support/docview.wss?uid=swg21993718

🔗 http://www.securityfocus.com/bid/96963

Vulnerability Description

Affected Platforms (CPE)

Cognos Business Intelligence

Cognos Business Intelligence

Cognos Business Intelligence

Cognos Business Intelligence

References & Advisories

Related Vulnerabilities