Ibm

Planning Analytics Local

25 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2023-28520

  • EPSS 0.14%
  • Published 12.05.2023 02:15:09
  • Last modified 21.11.2024 07:55:16

IBM Planning Analytics Local 2.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure wit...

4.9

CVE-2021-29739

  • EPSS 0.14%
  • Published 10.08.2021 14:15:07
  • Last modified 21.11.2024 06:01:43

IBM Planning Analytics Local 2.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. X-Force ID: 198846.

9.1

CVE-2020-4670

  • EPSS 0.6%
  • Published 17.05.2021 17:15:07
  • Last modified 21.11.2024 05:33:06

IBM Planning Analytics Local 2.0 connects to a Redis server. The Redis server, an in-memory data structure store, running on the remote host is not protected by password authentication. A remote attacker can exploit this to gain unauthorized access t...

9.1

CVE-2020-4669

  • EPSS 0.43%
  • Published 17.05.2021 17:15:07
  • Last modified 21.11.2024 05:33:05

IBM Planning Analytics Local 2.0 connects to a MongoDB server. MongoDB, a document-oriented database system, is listening on the remote port, and it is configured to allow connections without password authentication. A remote attacker can gain unauth...

7.5

CVE-2020-4985

  • EPSS 0.21%
  • Published 14.05.2021 17:15:07
  • Last modified 21.11.2024 05:33:30

IBM Planning Analytics Local 2.0 could allow an attacker to obtain sensitive information due to accepting body parameters in a query. IBM X-Force ID: 192642.

4.3

CVE-2020-4649

  • EPSS 0.16%
  • Published 03.11.2020 14:15:12
  • Last modified 21.11.2024 05:33:02

IBM Planning Analytics Local 2.0.9.2 and IBM Planning Analytics Workspace 57 could expose data to non-privleged users by not invalidating TM1Web user sessions. IBM X-Force ID: 186022.

5.4

CVE-2020-4645

  • EPSS 0.24%
  • Published 29.07.2020 14:15:13
  • Last modified 21.11.2024 05:33:02

IBM Planning Analytics Local 2.0.0 through 2.0.9.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials dis...

5.8

CVE-2020-4644

  • EPSS 0.34%
  • Published 29.07.2020 14:15:13
  • Last modified 21.11.2024 05:33:02

IBM Planning Analytics Local 2.0.0 through 2.0.9.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victi...

6.1

CVE-2020-4503

  • EPSS 0.04%
  • Published 02.06.2020 14:15:11
  • Last modified 21.11.2024 05:32:49

IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a t...

5.4

CVE-2020-4431

  • EPSS 0.24%
  • Published 02.06.2020 14:15:11
  • Last modified 21.11.2024 05:32:44

IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a t...