Cross-Site Request Forgery Vulnerability in IBM Planning Analytics
CVE-2021-20580
4.3MEDIUM
Summary
IBM Planning Analytics version 2.0 is susceptible to a cross-site request forgery (CSRF) vulnerability, which may enable attackers to perform unintended actions on behalf of authenticated users. This occurs when a trusted user unknowingly executes malicious commands. Attackers could exploit this vulnerability to carry out unauthorized operations, compromising the security of the system and user data.
Affected Version(s)
Planning Analytics 2.0
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved