cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-22314,https://securityvulnerability.io/vulnerability/CVE-2022-22314,Local File Access Vulnerability in IBM Planning Analytics,"IBM Planning Analytics Local 2.0 has a vulnerability that allows web pages to be stored locally on the system. This can result in unauthorized access to sensitive data by other users on the same device. The risk arises from improper access controls, potentially exposing users to data leakage or exploitation. For more information, visit the official IBM support page.",IBM,Planning Analytics Workspace,4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-09-08T16:15:00.000Z,0
CVE-2021-39040,https://securityvulnerability.io/vulnerability/CVE-2021-39040,Malicious File Upload Vulnerability in IBM Planning Analytics Workspace,"IBM Planning Analytics Workspace 2.0 may allow attackers to exploit an inadequate validation mechanism for uploaded files. This vulnerability enables unauthorized users to upload malicious executable files, posing a risk of further attacks on the system. Proper security measures should be implemented to verify file types and sizes to mitigate potential threats.",IBM,Planning Analytics Workspace,6.3,MEDIUM,0.0009200000204145908,false,,false,false,false,,,false,false,,2022-04-25T16:16:00.000Z,0
CVE-2022-22392,https://securityvulnerability.io/vulnerability/CVE-2022-22392,Arbitrary File Upload Vulnerability in IBM Planning Analytics Local,"IBM Planning Analytics Local version 2.0 contains a vulnerability that permits attackers to upload arbitrary executable files. If these files are executed by an unsuspecting user, it could lead to unauthorized code execution, posing serious security risks. Organizations using this product should take immediate action to secure their systems and apply any necessary patches to mitigate potential threats.",IBM,Planning Analytics Workspace,6.8,MEDIUM,0.0007300000288523734,false,,false,false,false,,,false,false,,2022-04-22T00:00:00.000Z,0
CVE-2022-22308,https://securityvulnerability.io/vulnerability/CVE-2022-22308,Remote File Include Vulnerability in IBM Planning Analytics,"IBM Planning Analytics 2.0 is susceptible to a Remote File Include (RFI) vulnerability, allowing attackers to exploit user input within file include commands. This could enable the web application to inadvertently include and execute remote files containing malicious code, potentially compromising the security of the entire system. Users are advised to review their configurations and implement security best practices to mitigate the risks associated with this vulnerability.",IBM,"Planning Analytics,Planning Analytics Workspace",7.1,HIGH,0.0006399999838322401,false,,false,false,false,,,false,false,,2022-02-21T18:15:00.000Z,0
CVE-2020-4649,https://securityvulnerability.io/vulnerability/CVE-2020-4649,,IBM Planning Analytics Local 2.0.9.2 and IBM Planning Analytics Workspace 57 could expose data to non-privleged users by not invalidating TM1Web user sessions. IBM X-Force ID: 186022.,IBM,"Planning Analytics Local,Planning Analytics Workspace",4.3,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2020-11-03T14:15:00.000Z,0