CVE-2019-4612

Name of the Vulnerable Software and Affected Versions IBM Planning Analytics version 2.0

Description The issue allows for malicious file upload in the My Account Portal. Attackers can exploit this weakness to upload malicious executable files into the system, which can then be sent to victims for further attacks.

Recommendations For IBM Planning Analytics version 2.0, consider restricting file upload capabilities in the My Account Portal until a fix is available. As a temporary workaround, implement strict validation and sanitization of uploaded files to minimize the risk of malicious file uploads.