Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm planning analytics local vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-4645
IBM Planning Analytics Local 2.0.0 up to and including 2.0.9.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a t...
Ibm Planning Analytics Local
4.3
CVSSv3
CVE-2020-4649
IBM Planning Analytics Local 2.0.9.2 and IBM Planning Analytics Workspace 57 could expose data to non-privleged users by not invalidating TM1Web user sessions. IBM X-Force ID: 186022.
Ibm Planning Analytics Local
4.9
CVSSv3
CVE-2021-29739
IBM Planning Analytics Local 2.0 could allow a remote malicious user to obtain sensitive information when a stack trace is returned in the browser. X-Force ID: 198846.
Ibm Planning Analytics Local 2.0.0
7.5
CVSSv3
CVE-2020-4985
IBM Planning Analytics Local 2.0 could allow an malicious user to obtain sensitive information due to accepting body parameters in a query. IBM X-Force ID: 192642.
Ibm Planning Analytics Local 2.0.0
5.4
CVSSv3
CVE-2023-28520
IBM Planning Analytics Local 2.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-F...
Ibm Planning Analytics Local 2.0.0
6.1
CVSSv3
CVE-2020-4882
IBM Planning Analytics 2.0 could be vulnerable to a Server-Side Request Forgery (SSRF) attack by constucting URLs from user-controlled data . This could enable malicious users to make arbitrary requests to the internal network or to the local file system. IBM X-Force ID: 190852.
Ibm Planning Analytics 2.0
9.8
CVSSv3
CVE-2023-42017
IBM Planning Analytics Local 2.0 could allow a remote malicious user to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious script, whic...
Ibm Planning Analytics 2.0
3.3
CVSSv3
CVE-2022-22314
IBM Planning Analytics Local 2.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 217371.
Ibm Planning Analytics Workspace 2.0
7.8
CVSSv3
CVE-2022-22392
IBM Planning Analytics Local 2.0 could allow an malicious user to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 222066.
Ibm Planning Analytics Workspace 2.0
NA
CVE-2024-31907
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »