CVEブラウザに戻る

CVE-2019-4612

HIGH

8.8

CVSS Severity Score

EPSS Score0.1710%

EPSS Percentile9.49th

Published2019年12月9日

Last Modified2024年11月21日

Vulnerability Description

IBM Planning Analytics 2.0 is vulnerable to malicious file upload in the My Account Portal. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further attacks. IBM X-Force ID: 168523.

Affected Platforms (CPE)

📦

Ibm

Planning Analytics

= 2.0

References & Advisories

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/168523

🔗 https://www.ibm.com/support/pages/node/1118565

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/168523

🔗 https://www.ibm.com/support/pages/node/1118565

関連する脆弱性情報

CVE-2019-47169.8

IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login...

CVE-2020-46709.1

IBM Planning Analytics Local 2.0 connects to a Redis server. The Redis server, an in-memory data structure store, running on the r...

CVE-2020-46699.1

IBM Planning Analytics Local 2.0 connects to a MongoDB server. MongoDB, a document-oriented database system, is listening on the r...

CVE-2019-46138.8

IBM Planning Analytics 2.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unau...