📦 Planning Analytics Local

by Ibm

🔍 What is Planning Analytics Local?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2025-36357

HIGH CVSS 8.0 Nov 17, 2025

CVE-2025-36357 is a directory traversal vulnerability in IBM Planning Analytics Local that allows authenticated remote attackers to access arbitrary files on the system. Attackers can exploit this by ...

CVE-2020-4985

HIGH CVSS 7.5 May 14, 2021

IBM Planning Analytics Local 2.0 has an information disclosure vulnerability where the system accepts body parameters in queries, potentially exposing sensitive data. This affects organizations using ...

CVE-2025-36437

MEDIUM CVSS 4.3 Dec 9, 2025

This vulnerability in IBM Planning Analytics Local versions 2.1.0 through 2.1.15 allows attackers to obtain sensitive information about server architecture. This information disclosure could help atta...

CVE-2025-36299

MEDIUM CVSS 4.3 Nov 17, 2025

IBM Planning Analytics Local versions 2.1.0 through 2.1.14 store sensitive information in source code, potentially exposing credentials or configuration data. This information disclosure vulnerability...

CVE-2025-36262

MEDIUM CVSS 4.9 Sep 30, 2025

This vulnerability in IBM Planning Analytics Local allows malicious privileged users to bypass the user interface and access sensitive information through improper input validation. It affects version...

CVE-2025-25044

MEDIUM CVSS 5.4 Jun 1, 2025

IBM Planning Analytics Local versions 2.0 and 2.1 contain a cross-site scripting (XSS) vulnerability that allows authenticated users to inject malicious JavaScript into the web interface. This could e...

CVE-2025-33004

MEDIUM CVSS 6.5 Jun 1, 2025

This vulnerability in IBM Planning Analytics Local allows privileged users to delete files from directories they shouldn't have access to due to improper pathname restrictions. It affects IBM Planning...

CVE-2024-35143

MEDIUM CVSS 6.7 Aug 4, 2024

IBM Planning Analytics Local 2.0 and 2.1 connects to MongoDB without requiring authentication, allowing remote attackers to access the database. This affects organizations using these specific version...

CVE-2024-31889

MEDIUM CVSS 5.4 May 31, 2024

IBM Planning Analytics Local versions 2.0 and 2.1 contain a cross-site scripting (XSS) vulnerability that allows authenticated users to inject malicious JavaScript into the web interface. This could e...

CVE-2024-31908

MEDIUM CVSS 6.4 May 31, 2024

IBM Planning Analytics Local 2.0 and 2.1 contains a stored cross-site scripting (XSS) vulnerability that allows authenticated users to inject malicious JavaScript into the web interface. This could en...