Information Exposure in IBM Planning Analytics
CVE-2021-29853

4.3MEDIUM

Key Information:

Vendor: IBM
Status: Planning Analytics Local
Vendor: CVE Published:; 1 September 2021

Summary

IBM Planning Analytics 2.0 is susceptible to information exposure due to a failure in properly validating return values from certain methods and functions. This lack of validation could allow attackers to manipulate data, potentially leading to further security incidents. Organizations using this software should take immediate steps to assess their systems and apply necessary patches to mitigate risks associated with this vulnerability. For more information, please refer to the IBM support page and X-Force vulnerability database for detailed insights.

Affected Version(s)

Planning Analytics Local 2.0

References

https://www.ibm.com/support/pages/node/6480413

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/205529

vdb-entryx_refsource_XF

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 1, 2021
Vulnerability Reserved
Mar 31, 2021