IBM Planning Analytics, a planning, budgeting, forecasting and analysis solution, is vulnerable to an information disclosure in IBM Planning Analytics version 2.0. The vulnerability stems from the HTTPOnly flag not being set. A remote attacker could use this vulnerability to obtain sensitive information from cookies.