CVE-2020-4669

Name of the Vulnerable Software and Affected Versions IBM Planning Analytics Local version 2.0

Description The issue concerns a configuration where MongoDB, a document-oriented database system, is listening on a remote port without password authentication, allowing a remote attacker to gain unauthorized access to the database. This setup enables potential exploitation, compromising the security of the database.

Recommendations For IBM Planning Analytics Local version 2.0, consider configuring MongoDB to require password authentication for connections to prevent unauthorized access. As a temporary workaround, restrict access to the MongoDB server to minimize the risk of exploitation.