Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Planning Analytics Security Vulnerabilities - 2020

cve
cve

CVE-2019-4613

IBM Planning Analytics 2.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 168524.

8.8CVSS

8.4AI Score

0.001EPSS

2020-02-05 04:15 PM
26
cve
cve

CVE-2020-4361

IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information by disclosing private IP addresses in HTTP responses. IBM X-Force ID: 178766.

4.3CVSS

4.5AI Score

0.001EPSS

2020-07-20 02:15 PM
22
cve
cve

CVE-2020-4527

IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the Secure flag for the session cookie in TLS mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to capture the cookie and ...

5.9CVSS

5.4AI Score

0.003EPSS

2020-07-20 02:15 PM
24
cve
cve

CVE-2020-4644

IBM Planning Analytics Local 2.0.0 through 2.0.9.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further att...

5.4CVSS

5.4AI Score

0.001EPSS

2020-07-29 02:15 PM
21
cve
cve

CVE-2020-4645

IBM Planning Analytics Local 2.0.0 through 2.0.9.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

5.4CVSS

5.2AI Score

0.001EPSS

2020-07-29 02:15 PM
23
cve
cve

CVE-2020-4648

A vulnerability exsists in IBM Planning Analytics 2.0 whereby avatars in Planning Analytics Workspace could be modified by other users without authorization to do so. IBM X-Force ID: 186019.

6.5CVSS

6.3AI Score

0.001EPSS

2020-08-19 01:15 PM
27
cve
cve

CVE-2020-4653

IBM Planning Analytics 2.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site...

6.1CVSS

6.1AI Score

0.001EPSS

2020-08-19 01:15 PM
31
cve
cve

CVE-2020-4764

IBM Planning Analytics 2.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 188898.

6.5CVSS

6.4AI Score

0.001EPSS

2020-12-18 03:15 PM
21