CVE-2019-4612

IBM Planning Analytics 2.0 is vulnerable to malicious file upload in the My Account Portal. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further attacks. IBM X-Force ID: 168523.

Published: Dec 10, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-4612
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P

CWEs:

CWE-434

Affected Software
References

Software	From	Fixed in
ibm / planning_analytics	2.0	2.0.x

https://exchange.xforce.ibmcloud.com/vulnerabilities/168523
https://www.ibm.com/support/pages/node/1118565

Vulnerability Database

290,273

CVE-2019-4612