CVE-2020-4871

CWE-922CWE-200Information Exposure3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 84.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Planning Analytics
Timeline
PublishedJan 19
Latest updateMay 24

Description

IBM Planning Analytics 2.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 190834.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5ibm/planning_analytics2.0

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-p4qg-w83v-686g: IBM Planning Analytics 22022-05-24
CVEList
CVE-2020-4871: IBM Planning Analytics 22021-01-19
CVE-2020-4871 (MEDIUM CVSS 5.5) | IBM Planning Analytics 2.0 allows w | cvebase.io