28 matches found
CVE-2026-1267
IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an unauthorized access to sensitive application data and administrative functionalities due to lack of proper access controls...
PT-2026-25951
CVE-2026-1267 IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an unauthorized access to sensitive application data and administrative functionalities due to lack of pro… https://t.co/BQ9nfoG4xS...
CVE-2025-36299
IBM Planning Analytics Local 2.1.0 through 2.1.14 stores sensitive information in source code could be used in further attacks against the system...
CVE-2025-36357
IBM Planning Analytics Local 2.1.0 through 2.1.14 could allow a remote authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing absolute path sequences to view, read, or write arbitrary files on the system...
CVE-2025-36357 IBM Planning Analytics Local Directory Traversal
IBM Planning Analytics Local 2.1.0 through 2.1.14 could allow a remote authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing absolute path sequences to view, read, or write arbitrary files on the system...
CVE-2025-36357 IBM Planning Analytics Local Directory Traversal
IBM Planning Analytics Local 2.1.0 through 2.1.14 could allow a remote authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing absolute path sequences to view, read, or write arbitrary files on the system...
IBM Planning Analytics Local Cross-Site Scripting Vulnerability
IBM Planning Analytics Local is a web-based local architecture from International Business Machines IBM. IBM Planning Analytics Local suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be...
CVE-2025-36262
IBM Planning Analytics Local 2.0.0 through 2.0.106 and 2.1.0 through 2.1.13 could allow a malicious privileged user to bypass the UI to gain unauthorized access to sensitive information due to the improper validation of input...
CVE-2025-36262
IBM Planning Analytics Local 2.0.0 through 2.0.106 and 2.1.0 through 2.1.13 could allow a malicious privileged user to bypass the UI to gain unauthorized access to sensitive information due to the improper validation of input...
IBM Planning Analytics Local Code Issue Vulnerability
IBM Planning Analytics Local is a web-based local architecture from International Business Machines IBM. A code issue vulnerability exists in IBM Planning Analytics Local versions 2.0 and 2.1, which stems from a failure to disable a session after logging out, and can be exploited by an attacker t...
CVE-2025-25044
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
CVE-2025-33005 IBM Planning Analytics Local session fixation
IBM Planning Analytics Local 2.0 and 2.1 does not invalidate session after a logout which could allow an authenticated user to impersonate another user on the system...
CVE-2025-33004
CVE-2025-33004 affects IBM Planning Analytics Local (2.0 and 2.1). The vulnerability is a path traversal flaw caused by improper pathname restriction that could let a privileged user delete files from directories. Connected sources confirm affected versions 2.0–2.1 and cite the impact as file del...
CVE-2025-2896 IBM Planning Analytics Local cross-site scripting
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
IBM Planning Analytics Local 路径遍历漏洞
IBM Planning Analytics Local is a web-based local architecture from International Business Machines IBM. A path traversal vulnerability exists in IBM Planning Analytics Local versions 2.0 and 2.1, which stems from improperly restricted pathnames and could result in the deletion of files...
IBM Planning Analytics Local 跨站脚本漏洞
IBM Planning Analytics Local is a web-based local architecture from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM Planning Analytics Local versions 2.0 and 2.1, which stems from susceptibility to cross-site scripting attacks that could lead to credential...
CVE-2024-31908
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
CVE-2024-31908
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
CVE-2024-31908
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
Security Bulletin: IBM Planning Analytics and IBM Planning Analytics Workspace are affected by a security vulnerability in IBM WebSphere Application Server Liberty (CVE-2022-34165)
Summary There is a vulnerabilty in IBM WebSphere Application Server Liberty used by IBM Planning Analytics and IBM Planning Analytics Workspace. The applicable CVE has been addressed in IBM Planning Analytics and Planning Analytics Workspace. Vulnerability Details CVEID:CVE-2022-34165 DESCRIPTION...