3 matches found
Security Bulletin: IBM Cognos Analytics is vulnerable to Malicious File Upload and EL Injection vulnerabilities (CVE-2024-40695, CVE-2024-51466)
Summary IBM Cognos Analytics is considered vulnerable to a Malicious File Upload which could allow a privileged user to upload malicious files that can be automatically processed within the product CVE-2024-40695 and an Expression Language EL Injection which could allow a remote attacker to explo...
Security Bulletin: IBM Planning Analytics Workspace has addressed multiple vulnerabilities
Summary IBM Planning Analytics Workspace is considered vulnerable to a Malicious File Upload vulnerability which could allow a privileged user to upload malicious files that can be automatically processed within the product CVE-2023-42017. This vulnerability has been addressed. IBM Planning...
CVE-2023-42017
Summary: CVE-2023-42017 affects IBM Planning Analytics Local 2.0, where improper validation of file extensions enables a remote attacker to upload arbitrary files via a crafted HTTP request, potentially allowing execution of arbitrary code on the vulnerable system. Affected product/component: IBM...