Vulnerabilities > IBM > Planning Analytics > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-22 | CVE-2023-42017 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics Local 2.0 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions. | 9.8 |
| 2019-12-18 | CVE-2019-4716 | Code Injection vulnerability in IBM Planning Analytics IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. | 9.8 |