This Security Bulletin addresses a security vulnerability that has been remediated in IBM Planning Analytics 2.0.9.4
CVEID:CVE-2020-4764
**DESCRIPTION:**IBM Planning Analytics is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/188898 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)
IBM Planning Analytics 2.0
The recommended solution is to apply the fix as soon as possible:
IBM Planning Analytics Local 2.0.9.4 is now available for download on Fix Central
None