CVE-2020-4670
https://notcve.org/view.php?id=CVE-2020-4670
IBM Planning Analytics Local 2.0 connects to a Redis server. The Redis server, an in-memory data structure store, running on the remote host is not protected by password authentication. A remote attacker can exploit this to gain unauthorized access to the server. IBM X-Force ID: 186401. IBM Planning Analytics Local versión 2.0, se conecta a un servidor Redis. • https://exchange.xforce.ibmcloud.com/vulnerabilities/186401 https://www.ibm.com/support/pages/node/6436821 • CWE-306: Missing Authentication for Critical Function •
CVE-2020-4669
https://notcve.org/view.php?id=CVE-2020-4669
IBM Planning Analytics Local 2.0 connects to a MongoDB server. MongoDB, a document-oriented database system, is listening on the remote port, and it is configured to allow connections without password authentication. A remote attacker can gain unauthorized access to the database. IBM X-Force ID: 184600. IBM Planning Analytics Local versión 2.0, se conecta a un servidor MongoDB. • https://exchange.xforce.ibmcloud.com/vulnerabilities/186400 https://www.ibm.com/support/pages/node/6436821 • CWE-862: Missing Authorization •