Primary

Context

IBM Planning Analytics Malicious File Upload Vulnerability

Vulnerability

Patched

A vulnerability allowing malicious file uploads has been identified in IBM Planning Analytics versions 2.0 and 2.1. This issue arises because the File Manager T1 process does not properly validate file types, enabling attackers to upload harmful executable files that could be sent to victims for further exploitation.

Impact

Exploitation of this vulnerability could lead to unauthorized file uploads, allowing for the distribution of malicious executables that could be used to compromise system security or perform harmful actions on behalf of the user.

Remediation

Users are advised to upgrade to IBM Planning Analytics Local version 2.1.6 or version 2.0: Planning Analytics Workspace Release 99. Instructions for downloading these versions are available on Fix Central.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

7.5

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

7.5

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Planning Analytics Malicious File Upload Vulnerability

Vulnerability

Impact

Remediation

Affected Products

IBM Planning Analytics

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating