A security vulnerability has been addressed in IBM Cognos Analytics 11.2.4 Interim Fix 2.
IBM Cognos Analytics is vulnerable to unauthorized attacks due to an exposed API key (CVE-2024-40703).
An exposed API key in IBM Cognos Analytics could allow an unauthorized attacker to send unsolicited push notification alerts to IBM Cognos Analytics Mobile client applications.
IBM Cognos Analytics has addressed the applicable CVE by revoking the exposed API key. Revocation of this API key will cause push notifications to cease functioning for mobile users of the IBM Cognos Analytics Mobile and IBM Cognos Analytics Reports applications. These fixes include a new encrypted API key that will be required for these notifications to function.
In order to completely apply this fix, users must update both their IBM Cognos Analytics instance and IBM Cognos Analytics Reports mobile client (iOS) applications.
Review the system requirements for the product in the IBM Cognos Analytics 11.2.x Installation and Configuration Guide. This document is available from the IBM Cognos Analytics documentation.
[{"PRLabel":"IBM Cognos Analytics documentation","PRLang":"English","PRSize":"1 B","PRPlat":{"label":"Windows","code":"PF033"},"PRURL":"https://www.ibm.com/support/knowledgecenter/SSEP7J_11.2.0\n"}]
Follow the instructions in the Installation and Configuration Guide available in the IBM Cognos Analytics documentation to install the product.
It is recommended that you install the latest generally available interim fix.
Entitled Bundled Customers use this link Cognos Analytics 11.2.4 IF2 to get access to download Cognos Analytics 11.2.4 Interim Fix 2.
Cognos Analytics Customers use the Fix Central links below.
On
[{"DNLabel":"Cognos Analytics 11.2.4 IF2 AIX ","DNDate":"21 Sep 2024","DNLang":"Language Independent","DNSize":"7.69 GB","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"https://www.ibm.com/support/fixcentral/swg/quickorder?parent=Cognos&product=ibm/Information+Management/Cognos+Analytics&release=11.2.4&platform=All&function=fixId&fixids=11.2.4-BA-CA-AIX64-IF002&downloadMethod=http&source=fc","DNURL_FTP":"","DDURL":null},{"DNLabel":"Cognos Analytics 11.2.4 IF2 Linux p LE ","DNDate":"21 Sep 2024","DNLang":"Language Independent","DNSize":"7.38 GB","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"https://www.ibm.com/support/fixcentral/swg/quickorder?parent=Cognos&product=ibm/Information+Management/Cognos+Analytics&release=11.2.4&platform=All&function=fixId&fixids=11.2.4-BA-CA-Linuxple64-IF002&downloadMethod=http&source=fc","DNURL_FTP":"","DDURL":null},{"DNLabel":"Cognos Analytics 11.2.4 IF2 Linux x86","DNDate":"21 Sep 2024","DNLang":"Language Independent","DNSize":"8.08 GB","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"https://www.ibm.com/support/fixcentral/swg/quickorder?parent=Cognos&product=ibm/Information+Management/Cognos+Analytics&release=11.2.4&platform=All&function=fixId&fixids=11.2.4-BA-CA-Linuxi38664-IF002&downloadMethod=http&source=fc","DNURL_FTP":"","DDURL":null},{"DNLabel":"Cognos Analytics 11.2.4 IF2 Linux zSeries","DNDate":"21 Sep 2024","DNLang":"Language Independent","DNSize":"7.55 GB","DNPlat":{"label":"Linux","code":"PF016"},"DNURL":"https://www.ibm.com/support/fixcentral/swg/quickorder?parent=Cognos&product=ibm/Information+Management/Cognos+Analytics&release=11.2.4&platform=All&function=fixId&fixids=11.2.4-BA-CA-zLinux64-IF002&downloadMethod=http&source=fc","DNURL_FTP":"","DDURL":null},{"DNLabel":"Cognos Analytics 11.2.4 IF2 Windows","DNDate":"21 Sep 2024","DNLang":"Language Independent","DNSize":"8.69 GB","DNPlat":{"label":"Windows","code":"PF033"},"DNURL":"https://www.ibm.com/support/fixcentral/swg/quickorder?parent=Cognos&product=ibm/Information+Management/Cognos+Analytics&release=11.2.4&platform=All&function=fixId&fixids=11.2.4-BA-CA-Win64-IF002&downloadMethod=http&source=fc","DNURL_FTP":"","DDURL":null}]
[{"Type":"MASTER","Line of Business":{"code":"LOB10","label":"Data and AI"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSTSF6","label":"IBM Cognos Analytics"},"ARM Category":[{"code":"a8m50000000Cl6sAAC","label":"Install-\u003EConfigure"}],"ARM Case Number":"","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"11.2.4"}]