Lucene search
IBM9AADD92C9B0F21BEA24683792736ACB92EF86EE85DBBC7770B410453E97297F4HistoryDec 17, 2020 - 4:35 p.m.
Security Bulletin: IBM Planning Analytics has addressed a security vulnerability (CVE-2020-4764)
2020-12-1716:35:33
www.ibm.com
12
ibm planning analytics
security vulnerability
cross-site request forgery
fix available
EPSS
0.001
Percentile
20.3%
Summary
This Security Bulletin addresses a security vulnerability that has been remediated in IBM Planning Analytics 2.0.9.4
Vulnerability Details
CVEID:CVE-2020-4764
**DESCRIPTION:**IBM Planning Analytics is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/188898 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)
Affected Products and Versions
IBM Planning Analytics 2.0
Remediation/Fixes
The recommended solution is to apply the fix as soon as possible:
IBM Planning Analytics Local 2.0.9.4 is now available for download on Fix Central
Workarounds and Mitigations
None
Related
prion
prion
Cross site request forgery (csrf)
2020-12-18 15:15:00
cvelist
cvelist
CVE-2020-4764
2020-12-18 15:00:16
nvd
nvd
CVE-2020-4764
2020-12-18 15:15:12
cve
cve
CVE-2020-4764
2020-12-18 15:15:12
EPSS
0.001
Percentile
20.3%
Related for 9AADD92C9B0F21BEA24683792736ACB92EF86EE85DBBC7770B410453E97297F4