Vulnerabilities > IBM > Planning Analytics > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-12-22 CVE-2023-42017 Unspecified vulnerability in IBM Planning Analytics 2.0
IBM Planning Analytics Local 2.0 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions.
network
low complexity
ibm
critical
9.8
2019-12-18 CVE-2019-4716 Code Injection vulnerability in IBM Planning Analytics
IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting.
network
low complexity
ibm CWE-94
critical
9.8