CVE-2023-26024 – IBM Planning Analytics on Cloud Pak for Data information disclosure
https://notcve.org/view.php?id=CVE-2023-26024
IBM Planning Analytics on Cloud Pak for Data 4.0 could allow an attacker on a shared network to obtain sensitive information caused by insecure network communication. IBM X-Force ID: 247898. IBM Planning Analytics on Cloud Pak for Data 4.0 podría permitir que un atacante en una red compartida obtenga información confidencial causada por una comunicación de red insegura. ID de IBM X-Force: 247898. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247898 https://https://www.ibm.com/support/pages/node/7082784 https://www.ibm.com/support/pages/node/7082784 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2020-4670
https://notcve.org/view.php?id=CVE-2020-4670
IBM Planning Analytics Local 2.0 connects to a Redis server. The Redis server, an in-memory data structure store, running on the remote host is not protected by password authentication. A remote attacker can exploit this to gain unauthorized access to the server. IBM X-Force ID: 186401. IBM Planning Analytics Local versión 2.0, se conecta a un servidor Redis. • https://exchange.xforce.ibmcloud.com/vulnerabilities/186401 https://www.ibm.com/support/pages/node/6436821 • CWE-306: Missing Authentication for Critical Function •
CVE-2020-4669
https://notcve.org/view.php?id=CVE-2020-4669
IBM Planning Analytics Local 2.0 connects to a MongoDB server. MongoDB, a document-oriented database system, is listening on the remote port, and it is configured to allow connections without password authentication. A remote attacker can gain unauthorized access to the database. IBM X-Force ID: 184600. IBM Planning Analytics Local versión 2.0, se conecta a un servidor MongoDB. • https://exchange.xforce.ibmcloud.com/vulnerabilities/186400 https://www.ibm.com/support/pages/node/6436821 • CWE-862: Missing Authorization •