Cybersecurity Alerts

IBM Planning Analytics Remote Code Execution Vulnerability

IBM Planning Analytics is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-94

References

• https://nvd.nist.gov/vuln/detail/CVE-2019-4716