Vulnerability in Ibm Planning Analytics

CVE-2020-4873

IBM Planning Analytics 2.0 could allow an attacker to obtain sensitive information due to an overly permissive CORS policy. IBM X-Force ID: 190836.

EPSS: 0.001 (33.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.0/PR:N/UI:N/I:N/AV:N/A:N/AC:L/C:L/S:U/E:U/RL:O/RC:C.

Affected products

Ibm Planning Analytics — versions 2.0

References

www.ibm.com/support/pages/node/6404674 (x_refsource_CONFIRM)
ibm-planning-cve20204873-info-disc (190836) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2020-4873?: CVE-2020-4873 is a medium-severity vulnerability in Ibm Planning Analytics. CVSS score: 5.3/10. Published 2021-01-19.
How severe is CVE-2020-4873?: Medium severity. CVSS v3 base score is 5.3 out of 10.