Cross-Site Request Forgery Vulnerability in IBM Planning Analytics
CVE-2021-20580

4.3MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
29 June 2021

Summary

IBM Planning Analytics version 2.0 is susceptible to a cross-site request forgery (CSRF) vulnerability, which may enable attackers to perform unintended actions on behalf of authenticated users. This occurs when a trusted user unknowingly executes malicious commands. Attackers could exploit this vulnerability to carry out unauthorized operations, compromising the security of the system and user data.

Affected Version(s)

Planning Analytics 2.0

References

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.