Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm planning analytics local vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-42017
IBM Planning Analytics Local 2.0 could allow a remote malicious user to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious script, whic...
Ibm Planning Analytics 2.0
9.1
CVSSv3
CVE-2020-4669
IBM Planning Analytics Local 2.0 connects to a MongoDB server. MongoDB, a document-oriented database system, is listening on the remote port, and it is configured to allow connections without password authentication. A remote attacker can gain unauthorized access to the database....
Ibm Planning Analytics Local 2.0.0
Ibm Planning Analytics Cloud 2.0.0
9.1
CVSSv3
CVE-2020-4670
IBM Planning Analytics Local 2.0 connects to a Redis server. The Redis server, an in-memory data structure store, running on the remote host is not protected by password authentication. A remote attacker can exploit this to gain unauthorized access to the server. IBM X-Force ID: ...
Ibm Planning Analytics Local 2.0.0
Ibm Planning Analytics Cloud 2.0.0
7.8
CVSSv3
CVE-2022-22392
IBM Planning Analytics Local 2.0 could allow an malicious user to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 222066.
Ibm Planning Analytics Workspace 2.0
7.5
CVSSv3
CVE-2020-4985
IBM Planning Analytics Local 2.0 could allow an malicious user to obtain sensitive information due to accepting body parameters in a query. IBM X-Force ID: 192642.
Ibm Planning Analytics Local 2.0.0
7.5
CVSSv3
CVE-2020-4367
IBM Planning Analytics Local 2.0 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 179001.
Ibm Planning Analytics Local
6.1
CVSSv3
CVE-2020-4882
IBM Planning Analytics 2.0 could be vulnerable to a Server-Side Request Forgery (SSRF) attack by constucting URLs from user-controlled data . This could enable malicious users to make arbitrary requests to the internal network or to the local file system. IBM X-Force ID: 190852.
Ibm Planning Analytics 2.0
6.1
CVSSv3
CVE-2020-4366
IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...
Ibm Planning Analytics Local
6.1
CVSSv3
CVE-2020-4503
IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...
Ibm Planning Analytics Local
6.1
CVSSv3
CVE-2018-1676
IBM Planning Analytics 2.0.0 up to and including 2.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted s...
Ibm Planning Analytics Local
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »