CVE-2021-20580

CWE-352Cross-Site Request Forgery (CSRF)3 documents3 sources
Severity
4.3MEDIUM
EPSS
0.1%
top 74.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Planning Analytics
Timeline
PublishedJun 29
Latest updateMay 24

Description

IBM Planning Analytics 2.0 could be vulnerable to cross-site request forgery (CSRF) which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 198241.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5ibm/planning_analytics2.0

🔴Vulnerability Details

2
GHSA
GHSA-vh49-hg45-89gx: IBM Planning Analytics 22022-05-24
CVEList
CVE-2021-20580: IBM Planning Analytics 22021-06-29
CVE-2021-20580 (MEDIUM CVSS 4.3) | IBM Planning Analytics 2.0 could be | cvebase.io