- Description
- IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. Attackers can make use of this weakness and upload malicious executable files into the system, and it can be sent to victim for performing further attacks.
- Source
- psirt@us.ibm.com
- NVD status
- Received
CVSS 3.1
- Type
- Primary
- Base score
- 8
- Impact score
- 5.9
- Exploitability score
- 2.1
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- psirt@us.ibm.com
- CWE-434
- Hype score
- Not currently trending
CVE-2024-40693 Malicious File Upload Risk in IBM Planning Analytics 2.x https://t.co/K5RdxVYlbb
@VulmonFeeds
24 Jan 2025
67 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-40693 IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. Attackers can… https://t.co/8Btb7S3FU4
@CVEnew
24 Jan 2025
267 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes