Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM56010271FADB2B12433EDFB8BB58EF501ABD4597A03C18A16E3135E6F81D1A76
HistoryFeb 04, 2020 - 4:23 p.m.

Security Bulletin: IBM Planning Analytics Local is affected by a security vulnerability

2020-02-0416:23:31
www.ibm.com
7

0.001 Low

EPSS

Percentile

26.4%

JSON

Summary

The Planning Analytics Workspace component of IBM Planning Analytics is impacted by a Cross-Site Request Forgery (XSRF) vulnerability . This vulnerability has been addressed in IBM Planning Analytics Local v2.0 - Planning Analytics Workspace Release 48.

Vulnerability Details

CVEID:CVE-2019-4613
**DESCRIPTION:**IBM Planning Analytics is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/168524 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)

Affected Products and Versions

IBM Planning Analytics 2.0

Remediation/Fixes

The recommended solution is to apply the fix as soon as practical.

Download IBM Planning Analytics Local v2.0 - Planning Analytics Workspace Release 48 from Fix Central.

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm planning analytics localeqany

Related

cvelist 1
nvd 1
cve 1
prion 1
cvelist
cvelist
CVE-2019-4613
2020-02-04 00:00:00
nvd
nvd
CVE-2019-4613
2020-02-05 16:15:11
cve
cve
CVE-2019-4613
2020-02-05 16:15:11
prion
prion
Cross site request forgery (csrf)
2020-02-05 16:15:00

0.001 Low

EPSS

Percentile

26.4%

JSON
Related for 56010271FADB2B12433EDFB8BB58EF501ABD4597A03C18A16E3135E6F81D1A76
cvelist1nvd1cve1prion1