File Deletion Vulnerability in IBM Planning Analytics by IBM
CVE-2025-33004

6.5MEDIUM

Key Information:

Vendor

IBM
Status
Planning Analytics Local
Vendor
CVE Published:
1 June 2025

What is CVE-2025-33004?

IBM Planning Analytics Local versions 2.0 and 2.1 possess a vulnerability that allows a privileged user to delete files from system directories. This security flaw arises from inadequate pathname restrictions, potentially enabling unauthorized access to and manipulation of sensitive files.

Affected Version(s)

Planning Analytics Local 2.0, 2.1

References

https://www.ibm.com/support/pages/node/7235182
vendor-advisory

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-33004 : File Deletion Vulnerability in IBM Planning Analytics by IBM