Vulnerabilities > IBM > Planning Analytics Local > 2.0.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-04 | CVE-2024-35143 | Missing Authentication for Critical Function vulnerability in IBM products IBM Planning Analytics Local 2.0 and 2.1 connects to a MongoDB server. | 9.1 |
| 2020-11-03 | CVE-2020-4649 | Information Exposure vulnerability in IBM Planning Analytics Local IBM Planning Analytics Local 2.0.9.2 and IBM Planning Analytics Workspace 57 could expose data to non-privleged users by not invalidating TM1Web user sessions. | 4.3 |
| 2020-07-29 | CVE-2020-4645 | Cross-site Scripting vulnerability in IBM Planning Analytics Local IBM Planning Analytics Local 2.0.0 through 2.0.9.1 is vulnerable to cross-site scripting. | 5.4 |
| 2020-07-29 | CVE-2020-4644 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Planning Analytics Local IBM Planning Analytics Local 2.0.0 through 2.0.9.1 could allow a remote attacker to hijack the clicking action of the victim. | 5.4 |
| 2020-06-02 | CVE-2020-4503 | Cross-site Scripting vulnerability in IBM Planning Analytics Local IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. | 6.1 |
| 2020-06-02 | CVE-2020-4431 | Cross-site Scripting vulnerability in IBM Planning Analytics Local IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. | 5.4 |
| 2020-06-02 | CVE-2020-4367 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Planning Analytics Local IBM Planning Analytics Local 2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2020-06-02 | CVE-2020-4366 | Cross-site Scripting vulnerability in IBM Planning Analytics Local IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. | 6.1 |
| 2020-06-02 | CVE-2020-4360 | Cross-site Scripting vulnerability in IBM Planning Analytics Local IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. | 5.4 |
| 2020-05-29 | CVE-2020-4306 | Cross-site Scripting vulnerability in IBM Planning Analytics Local IBM Planning Analytics Local 2.0.0 through 2.0.9 is vulnerable to cross-site scripting. | 5.4 |