Unrated severityCISA KEVNVD Advisory· Published Dec 18, 2019· Updated Jan 12, 2026

CVE-2019-4716

Description

IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094.

Affected products

IBM/Planning Analyticsv5
Range: 2.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/156953/IBM-Cognos-TM1-IBM-Planning-Analytics-Server-Configuration-Overwrite-Code-Execution.htmlmitrex_refsource_MISC
seclists.org/fulldisclosure/2020/Mar/44mitremailing-listx_refsource_FULLDISC
exchange.xforce.ibmcloud.com/vulnerabilities/172094mitrevdb-entryx_refsource_XF
www.ibm.com/support/pages/node/1127781mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.075
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.000