Primary

Context

IBM Planning Analytics Local Caching Vulnerability Allowing Exposure of Sensitive User-Specific Information

Vulnerability

Patched

A vulnerability in IBM Planning Analytics Local versions 2.1.0 through 2.1.17 could enable an attacker to manipulate the caching mechanism. This could result in sensitive, user-specific responses being stored and served as publicly cacheable resources. The issue arises from improper handling of cache contents, allowing for the exposure of confidential information.

Impact

Exploitation of this vulnerability could lead to the unintentional disclosure of sensitive user-specific information, which could be accessed as a publicly cacheable resource.

Remediation

Users are advised to upgrade to IBM Planning Analytics Local version 2.1.18, available for download from Fix Central.

Added: Mar 17, 2026, 10:35 PM

Updated: Mar 17, 2026, 10:35 PM

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

2.5

exploitability

6.2

remediation

7.7

relevance

4.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

2.5

exploitability

6.2

remediation

7.7

relevance

4.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Planning Analytics Local Caching Vulnerability Allowing Exposure of Sensitive User-Specific Information

Vulnerability

Impact

Remediation

Affected Products

IBM Planning Analytics Local

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating