Lucene search
IBM262CEC60CA904381FB3FD1F7728AB9A5538F4F69F2EFC2174483C7216D72C4E7HistoryFeb 11, 2020 - 6:54 p.m.
Security Bulletin: IBM Planning Analytics has addressed a Security Vulnerability
2020-02-1118:54:41
www.ibm.com
13
0.07 Low
EPSS
Percentile
94.0%
Summary
This Security Bulletin addresses a security vulnerability that has been remediated in IBM Planning Analytics 2.0.9.
Vulnerability Details
CVEID:CVE-2019-4716
**DESCRIPTION:**IBM Planning Analytics is vulnerable to a configuration overwrite that allows an unauthenticated user to login as “admin”, and then execute code as root or SYSTEM via TM1 scripting.
CVSS Base score: 10
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172094 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Affected Products and Versions
IBM Planning Analytics 2.0.0 - 2.0.8
Remediation/Fixes
The recommended solution is to apply the fix as soon as possible:
Downloading IBM Planning Analytics 2.0.9
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm planning analytics | eq | 2.0 |
Related
cisa_kev
cisa_kev
IBM Planning Analytics Remote Code Execution Vulnerability
2021-11-03 00:00:00
cvelist
cvelist
CVE-2019-4716
2019-12-17 00:00:00
nvd
nvd
CVE-2019-4716
2019-12-18 17:16:43
zdt
zdt
checkpoint_advisories
checkpoint_advisories
IBM Planning Analytics Remote Code Execution (CVE-2019-4716)
2022-02-21 00:00:00
prion
prion
Code injection
2019-12-18 17:16:00
attackerkb
attackerkb
CVE-2019-4716
2019-12-18 00:00:00
packetstorm
packetstorm
ibm
ibm
Additional Information About CVE-2019-4716
2021-09-20 18:42:15
cve
cve
CVE-2019-4716
2019-12-18 17:16:43
0.07 Low
EPSS
Percentile
94.0%
Related for 262CEC60CA904381FB3FD1F7728AB9A5538F4F69F2EFC2174483C7216D72C4E7