Описание
IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- VDB EntryVendor Advisory
- PatchVendor Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- VDB EntryVendor Advisory
- PatchVendor Advisory
- US Government Resource
Уязвимые конфигурации
Конфигурация 1Версия от 2.0 (включая) до 2.0.8 (включая)
cpe:2.3:a:ibm:planning_analytics:*:*:*:*:*:*:*:*
EPSS
Процентиль: 100%
0.91532
Критический
10 Critical
CVSS3
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-94
CWE-94
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094.
CVSS3: 10
fstec
около 6 лет назад
Уязвимость сервера приложений Application Server ERP-системы IBM Planning Analytics, позволяющая нарушителю повысить свои привилегии и выполнить произвольный код
EPSS
Процентиль: 100%
0.91532
Критический
10 Critical
CVSS3
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-94
CWE-94