Planning Analytics Security Vulnerabilities and Issues — Planning Analytics CVE List

Lucene search

IbmPlanning Analytics

3 matches found

CVE•added 2022/04/08 4:15 p.m.•98 views

CVE-2022-22339

IBM Planning Analytics 2.0 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 219736.

7.3CVSS7.4AI score0.00153EPSS

CVE•added 2022/02/21 6:15 p.m.•93 views

CVE-2022-22308

IBM Planning Analytics 2.0 is vulnerable to a Remote File Include (RFI) attack. User input could be passed into file include commands and the web application could be tricked into including remote files with malicious code. IBM X-Force ID: 216891.

7.8CVSS7.7AI score0.00165EPSS

CVE•added 2021/01/19 4:15 p.m.•31 views

CVE-2020-4881

IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the lack of server hostname verification for SSL/TLS communication. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force I...

7.5CVSS7.2AI score0.00224EPSS