CVE-2025-14806

CWE-5243 documents3 sources

Severity

5.7MEDIUM

EPSS

0.0%

top 91.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Planning Analytics Local

Timeline

PublishedMar 17

Latest updateMar 18

Description

IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an attacker to trick the caching mechanism into storing and serving sensitive, user-specific responses as publicly cacheable resources.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:NExploitability: 2.1 | Impact: 3.6

Affected Packages2 packages

▶NVDibm/planning_analytics_local2.1.0 — 2.1.18

▶CVEListV5ibm/planning_analytics_local2.1.0 — 2.1.17

🔴Vulnerability Details

GHSA

GHSA-fwj3-7ppr-qcv6: IBM Planning Analytics Local 2↗2026-03-18

▶

CVEList

IBM Planning Analytics Information Disclosure↗2026-03-17

▶