Planning Analytics@2.0 Security Vulnerabilities and Issues — Planning Analytics@2.0 CVE List

Lucene search

IbmPlanning Analytics2.0

3 matches found

CVE•added 2022/04/08 4:15 p.m.•98 views

CVE-2022-22339

IBM Planning Analytics 2.0 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 219736.

7.3CVSS7.4AI score0.00153EPSS

CVE•added 2022/02/21 6:15 p.m.•93 views

CVE-2022-22308

IBM Planning Analytics 2.0 is vulnerable to a Remote File Include (RFI) attack. User input could be passed into file include commands and the web application could be tricked into including remote files with malicious code. IBM X-Force ID: 216891.

7.8CVSS7.7AI score0.00165EPSS

CVE•added 2022/06/24 4:15 p.m.•73 views

CVE-2021-39047

IBM Planning Analytics 2.0 and IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a tru...

6.1CVSS5.9AI score0.00315EPSS