Vulnerabilities > CVE-2020-4648 - Incorrect Authorization vulnerability in IBM Planning Analytics 2.0

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

ibm

CWE-863

NVD

Published: 2020-08-19

Updated: 2021-07-21

Summary

A vulnerability exsists in IBM Planning Analytics 2.0 whereby avatars in Planning Analytics Workspace could be modified by other users without authorization to do so. IBM X-Force ID: 186019.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Planning Analytics 2.0	1

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://www.ibm.com/support/pages/node/6254788
https://exchange.xforce.ibmcloud.com/vulnerabilities/186019