CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-26024 – IBM Planning Analytics on Cloud Pak for Data information disclosure
https://notcve.org/view.php?id=CVE-2023-26024
01 Dec 2023 — IBM Planning Analytics on Cloud Pak for Data 4.0 could allow an attacker on a shared network to obtain sensitive information caused by insecure network communication. IBM X-Force ID: 247898. IBM Planning Analytics on Cloud Pak for Data 4.0 podría permitir que un atacante en una red compartida obtenga información confidencial causada por una comunicación de red insegura. ID de IBM X-Force: 247898. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247898 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-4670
https://notcve.org/view.php?id=CVE-2020-4670
17 May 2021 — IBM Planning Analytics Local 2.0 connects to a Redis server. The Redis server, an in-memory data structure store, running on the remote host is not protected by password authentication. A remote attacker can exploit this to gain unauthorized access to the server. IBM X-Force ID: 186401. IBM Planning Analytics Local versión 2.0, se conecta a un servidor Redis. • https://exchange.xforce.ibmcloud.com/vulnerabilities/186401 • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-4669
https://notcve.org/view.php?id=CVE-2020-4669
17 May 2021 — IBM Planning Analytics Local 2.0 connects to a MongoDB server. MongoDB, a document-oriented database system, is listening on the remote port, and it is configured to allow connections without password authentication. A remote attacker can gain unauthorized access to the database. IBM X-Force ID: 184600. IBM Planning Analytics Local versión 2.0, se conecta a un servidor MongoDB. • https://exchange.xforce.ibmcloud.com/vulnerabilities/186400 • CWE-862: Missing Authorization •