File Deletion Vulnerability in IBM Planning Analytics by IBM
CVE-2025-33004
6.5MEDIUM
What is CVE-2025-33004?
IBM Planning Analytics Local versions 2.0 and 2.1 possess a vulnerability that allows a privileged user to delete files from system directories. This security flaw arises from inadequate pathname restrictions, potentially enabling unauthorized access to and manipulation of sensitive files.
Affected Version(s)
Planning Analytics Local 2.0
Planning Analytics Local 2.1
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved