Sensitive Information Disclosure in IBM Planning Analytics Local
CVE-2020-4985

3.7LOW

Key Information:

Vendor: IBM
Status: Planning Analytics Local
Vendor: CVE Published:; 14 May 2021

What is CVE-2020-4985?

IBM Planning Analytics Local 2.0 has a vulnerability that allows attackers to obtain sensitive information by exploiting a flaw in how body parameters are handled in queries. This enables unauthorized access to potentially critical data, emphasizing the need for prompt updates and security best practices to mitigate risks.

Affected Version(s)

Planning Analytics Local 2.0

References

https://www.ibm.com/support/pages/node/6452743

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/192642

vdb-entryx_refsource_XF

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2021
Vulnerability Reserved
Dec 30, 2019