Sensitive Information Exposure via API Key Logging in IBM Cognos Analytics

Sensitive Information Exposure via API Key Logging in IBM Cognos Analytics

CVE-2022-43887 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could be vulnerable to sensitive information exposure by passing API keys to log files. If these keys contain sensitive information, it could lead to further attacks. IBM X-Force ID: 240450.

Learn more about our Cis Benchmark Audit For Ibm I.