CVE-2019-4716 - IBM Planning Analytics Remote Code Execution Vulnerability
Project:IBM
Product:Planning Analytics
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
IBM Planning Analytics Remote Code Execution Vulnerability
Description
IBM Planning Analytics is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-4716