Planning Analytics Local
by IBM
CVEs (5)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-1267 | 0.00 | — | 0.00 | Mar 17, 2026 | IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an unauthorized access to sensitive application data and administrative functionalities due to lack of proper access controls. | ||
| CVE-2025-14806 | 0.00 | — | 0.00 | Mar 17, 2026 | IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an attacker to trick the caching mechanism into storing and serving sensitive, user-specific responses as publicly cacheable resources. | ||
| CVE-2025-36437 | 0.00 | — | 0.00 | Dec 9, 2025 | IBM Planning Analytics Local 2.1.0 - 2.1.15 could disclose sensitive information about server architecture that could aid in further attacks against the system. | ||
| CVE-2025-36299 | 0.00 | — | 0.00 | Nov 17, 2025 | IBM Planning Analytics Local 2.1.0 through 2.1.14 stores sensitive information in source code could be used in further attacks against the system. | ||
| CVE-2025-36357 | 0.00 | — | 0.00 | Nov 17, 2025 | IBM Planning Analytics Local 2.1.0 through 2.1.14 could allow a remote authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing absolute path sequences to view, read, or write arbitrary files on the system. |
- CVE-2026-1267Mar 17, 2026risk 0.00cvss —epss 0.00
IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an unauthorized access to sensitive application data and administrative functionalities due to lack of proper access controls.
- CVE-2025-14806Mar 17, 2026risk 0.00cvss —epss 0.00
IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an attacker to trick the caching mechanism into storing and serving sensitive, user-specific responses as publicly cacheable resources.
- CVE-2025-36437Dec 9, 2025risk 0.00cvss —epss 0.00
IBM Planning Analytics Local 2.1.0 - 2.1.15 could disclose sensitive information about server architecture that could aid in further attacks against the system.
- CVE-2025-36299Nov 17, 2025risk 0.00cvss —epss 0.00
IBM Planning Analytics Local 2.1.0 through 2.1.14 stores sensitive information in source code could be used in further attacks against the system.
- CVE-2025-36357Nov 17, 2025risk 0.00cvss —epss 0.00
IBM Planning Analytics Local 2.1.0 through 2.1.14 could allow a remote authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing absolute path sequences to view, read, or write arbitrary files on the system.