Product:

Planning_analytics

(Ibm)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 30
Date Id Summary Products Score Patch Annotated
2025-01-24 CVE-2024-25034 IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the type of file in the File Manager T1 process. Attackers can make use of this weakness and upload malicious executable files into the system that can be sent to victims for performing further attacks. Planning_analytics 8.8
2025-01-24 CVE-2024-40693 IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. Attackers can make use of this weakness and upload malicious executable files into the system, and it can be sent to victim for performing further attacks. Planning_analytics 8.0
2019-12-18 CVE-2019-4716 IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094. Planning_analytics 9.8
2020-07-20 CVE-2020-4361 IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information by disclosing private IP addresses in HTTP responses. IBM X-Force ID: 178766. Planning_analytics 4.3
2020-07-20 CVE-2020-4527 IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the Secure flag for the session cookie in TLS mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to capture the cookie and obtain sensitive information. IBM X-Force ID: 182631. Planning_analytics 5.9
2020-08-19 CVE-2020-4648 A vulnerability exsists in IBM Planning Analytics 2.0 whereby avatars in Planning Analytics Workspace could be modified by other users without authorization to do so. IBM X-Force ID: 186019. Planning_analytics 6.5