Ibm

Planning Analytics Local

30 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-25044

  • EPSS 0.04%
  • Veröffentlicht 01.06.2025 11:35:22
  • Zuletzt bearbeitet 09.06.2025 18:08:44

IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentia...

9.1

CVE-2024-35143

  • EPSS 0.09%
  • Veröffentlicht 04.08.2024 13:15:57
  • Zuletzt bearbeitet 11.09.2024 14:34:13

IBM Planning Analytics Local 2.0 and 2.1 connects to a MongoDB server. MongoDB, a document-oriented database system, is listening on the remote port, and it is configured to allow connections without password authentication. A remote attacker can gai...

5.4

CVE-2024-31889

  • EPSS 0.21%
  • Veröffentlicht 31.05.2024 13:15:09
  • Zuletzt bearbeitet 08.01.2025 17:10:40

IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure wi...

5.4

CVE-2024-31908

  • EPSS 0.21%
  • Veröffentlicht 31.05.2024 13:15:09
  • Zuletzt bearbeitet 08.01.2025 17:02:59

IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclo...

5.4

CVE-2024-31907

  • EPSS 0.21%
  • Veröffentlicht 31.05.2024 13:15:09
  • Zuletzt bearbeitet 08.01.2025 17:06:40

IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure wi...

5.4

CVE-2023-28520

  • EPSS 0.22%
  • Veröffentlicht 12.05.2023 02:15:09
  • Zuletzt bearbeitet 21.11.2024 07:55:16

IBM Planning Analytics Local 2.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure wit...

4.9

CVE-2021-29739

  • EPSS 0.14%
  • Veröffentlicht 10.08.2021 14:15:07
  • Zuletzt bearbeitet 21.11.2024 06:01:43

IBM Planning Analytics Local 2.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. X-Force ID: 198846.

9.1

CVE-2020-4670

  • EPSS 0.62%
  • Veröffentlicht 17.05.2021 17:15:07
  • Zuletzt bearbeitet 21.11.2024 05:33:06

IBM Planning Analytics Local 2.0 connects to a Redis server. The Redis server, an in-memory data structure store, running on the remote host is not protected by password authentication. A remote attacker can exploit this to gain unauthorized access t...

9.1

CVE-2020-4669

  • EPSS 0.78%
  • Veröffentlicht 17.05.2021 17:15:07
  • Zuletzt bearbeitet 21.11.2024 05:33:05

IBM Planning Analytics Local 2.0 connects to a MongoDB server. MongoDB, a document-oriented database system, is listening on the remote port, and it is configured to allow connections without password authentication. A remote attacker can gain unauth...

7.5

CVE-2020-4985

  • EPSS 0.21%
  • Veröffentlicht 14.05.2021 17:15:07
  • Zuletzt bearbeitet 21.11.2024 05:33:30

IBM Planning Analytics Local 2.0 could allow an attacker to obtain sensitive information due to accepting body parameters in a query. IBM X-Force ID: 192642.