Planning Analytics Local@* Security Vulnerabilities and Issues — Planning Analytics Local@* CVE List

Lucene search

IbmPlanning Analytics Local*

11 matches found

CVE•added 2020/06/02 2:15 p.m.•43 views

CVE-2020-4503

IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182283.

6.1CVSS6AI score0.00044EPSS

CVE•added 2024/08/04 1:15 p.m.•40 views

CVE-2024-35143

IBM Planning Analytics Local 2.0 and 2.1 connects to a MongoDB server. MongoDB, a document-oriented database system, is listening on the remote port, and it is configured to allow connections without password authentication. A remote attacker can gain unauthorized access to the database. IBM X-Forc...

9.1CVSS6.8AI score0.00087EPSS

CVE•added 2020/06/02 2:15 p.m.•37 views

CVE-2020-4431

5.4CVSS5.6AI score0.00236EPSS

CVE•added 2020/11/03 2:15 p.m.•37 views

CVE-2020-4649

IBM Planning Analytics Local 2.0.9.2 and IBM Planning Analytics Workspace 57 could expose data to non-privleged users by not invalidating TM1Web user sessions. IBM X-Force ID: 186022.

4.3CVSS5.3AI score0.00156EPSS

CVE•added 2018/07/06 2:29 p.m.•36 views

CVE-2018-1676

IBM Planning Analytics 2.0.0 through 2.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 145118.

6.1CVSS6AI score0.00166EPSS

CVE•added 2020/07/29 2:15 p.m.•36 views

CVE-2020-4645

IBM Planning Analytics Local 2.0.0 through 2.0.9.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

5.4CVSS5.2AI score0.00236EPSS

CVE•added 2020/06/02 2:15 p.m.•34 views

CVE-2020-4360

5.4CVSS5.6AI score0.00032EPSS

CVE•added 2020/06/02 2:15 p.m.•34 views

CVE-2020-4366

6.1CVSS6AI score0.00247EPSS

CVE•added 2020/06/02 2:15 p.m.•33 views

CVE-2020-4367

IBM Planning Analytics Local 2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179001.

7.5CVSS7.6AI score0.00112EPSS

CVE•added 2020/07/29 2:15 p.m.•29 views

CVE-2020-4644

IBM Planning Analytics Local 2.0.0 through 2.0.9.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further att...

6.1CVSS5.4AI score0.00339EPSS

CVE•added 2020/05/29 1:15 p.m.•27 views

CVE-2020-4306

IBM Planning Analytics Local 2.0.0 through 2.0.9 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 1...

5.4CVSS5.3AI score0.00236EPSS