Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm planning analytics 2.0 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-29852
IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 2055...
Ibm Planning Analytics 2.0
4.3
CVSSv3
CVE-2021-29853
IBM Planning Analytics 2.0 could expose information that could be used to to create attacks by not validating the return values from some methods or functions. IBM X-Force ID: 205529.
Ibm Planning Analytics 2.0
4.3
CVSSv3
CVE-2021-29851
IBM Planning Analytics 2.0 could allow a remote malicious user to obtain sensitive information when a stack trace is returned in the browser. IBM X-Force ID: 205527.
Ibm Planning Analytics 2.0
5.3
CVSSv3
CVE-2020-4873
IBM Planning Analytics 2.0 could allow an malicious user to obtain sensitive information due to an overly permissive CORS policy. IBM X-Force ID: 190836.
Ibm Planning Analytics 2.0
7.5
CVSSv3
CVE-2020-4881
IBM Planning Analytics 2.0 could allow a remote malicious user to obtain sensitive information, caused by the lack of server hostname verification for SSL/TLS communication. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive i...
Ibm Planning Analytics 2.0
6.1
CVSSv3
CVE-2020-4882
IBM Planning Analytics 2.0 could be vulnerable to a Server-Side Request Forgery (SSRF) attack by constucting URLs from user-controlled data . This could enable malicious users to make arbitrary requests to the internal network or to the local file system. IBM X-Force ID: 190852.
Ibm Planning Analytics 2.0
4.3
CVSSv3
CVE-2020-4953
IBM Planning Analytics 2.0 could allow a remote authenticated malicious user to obtain information about an organization's internal structure by exposing sensitive information in HTTP repsonses. IBM X-Force ID: 192029.
Ibm Planning Analytics 2.0
7.8
CVSSv3
CVE-2021-38873
IBM Planning Analytics 2.0 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 208396.
Ibm Planning Analytics 2.0
6.5
CVSSv3
CVE-2020-4648
A vulnerability exsists in IBM Planning Analytics 2.0 whereby avatars in Planning Analytics Workspace could be modified by other users without authorization to do so. IBM X-Force ID: 186019.
Ibm Planning Analytics 2.0
7.8
CVSSv3
CVE-2022-22308
IBM Planning Analytics 2.0 is vulnerable to a Remote File Include (RFI) attack. User input could be passed into file include commands and the web application could be tricked into including remote files with malicious code. IBM X-Force ID: 216891.
Ibm Planning Analytics 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »