IBM Cognos Analytics PowerPlay (IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7) could be vulnerable to an XML Bomb attack by a malicious authenticated user. IBM X-Force ID: 196813.
https://www.ibm.com/support/pages/node/6570957
https://security.netapp.com/advisory/ntap-20220602-0003/
https://exchange.xforce.ibmcloud.com/vulnerabilities/196813
Source: Mitre, NVD
Published: 2022-04-22
Updated: 2026-06-17
Base Score: 4
Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P
Severity: Medium
Base Score: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.00044