Primary

Context

IBM Planning Analytics Local Session Management Vulnerability Allowing User Impersonation

Vulnerability

Patched

A vulnerability exists in IBM Planning Analytics Local versions 2.0 and 2.1, where the application fails to properly invalidate user sessions after logout. This oversight could enable an authenticated user to impersonate another user within the system.

Impact

Exploitation of this vulnerability could lead to unauthorized user impersonation.

Remediation

Users are advised to upgrade to IBM Planning Analytics Local version 2.1.11 or version 2.0: Planning Analytics Workspace Release 104. Instructions for downloading these versions are available on Fix Central.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

1.3

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

1.3

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Planning Analytics Local Session Management Vulnerability Allowing User Impersonation

Vulnerability

Impact

Remediation

Affected Products

IBM Planning Analytics Local

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating