CVE-2024-35143
published 2024-08-04CVE-2024-35143: IBM Planning Analytics Local 2.0 and 2.1 connects to a MongoDB server. MongoDB, a document-oriented database system, is listening on the remote port, and it is…
critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
IBM Planning Analytics Local 2.0 and 2.1 connects to a MongoDB server. MongoDB, a document-oriented database system, is listening on the remote port, and it is configured to allow connections without password authentication. A remote attacker can gain unauthorized access to the database. IBM X-Force ID: 292420.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | planning_analytics_local | — | — |
| ibm | planning_analytics_local | >= 2.0 < 2.0.97 | 2.0.97 |
| ibm | planning_analytics_local | >= 2.1.0 < 2.1.4 | 2.1.4 |
| ibm | planning_analytics_workspace | >= 2.0 < 2.0.97 | 2.0.97 |
| ibm | planning_analytics_workspace | >= 2.1 < 2.1.4 | 2.1.4 |