Vulnerabilities > IBM > Planning Analytics > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-08 | CVE-2022-22339 | Server-Side Request Forgery (SSRF) vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 is vulnerable to server-side request forgery (SSRF). | 7.3 |
| 2022-02-21 | CVE-2022-22308 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 is vulnerable to a Remote File Include (RFI) attack. | 7.8 |
| 2021-11-24 | CVE-2021-38873 | Injection vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 is potentially vulnerable to CSV Injection. | 7.8 |
| 2021-01-19 | CVE-2020-4881 | Origin Validation Error vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the lack of server hostname verification for SSL/TLS communication. | 7.5 |
| 2020-02-05 | CVE-2019-4613 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2019-12-09 | CVE-2019-4612 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 is vulnerable to malicious file upload in the My Account Portal. | 8.8 |