PT-2021-12208 · IBM · IBM Planning Analytics

Published: 2021-03-22 · Updated: 2021-03-24 · CVE-2020-4882

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

IBM Planning Analytics version 2.0

Description

The issue allows a Server-Side Request Forgery (SSRF) attack because URLs are constructed from user-controlled data. This could enable attackers to make arbitrary requests to the internal network or to the local file system.

Recommendations

For IBM Planning Analytics version 2.0, consider restricting the construction of URLs from user-controlled data to minimize the risk of exploitation. As a temporary workaround, consider implementing additional validation and sanitization of user input to prevent malicious URL construction.

Fix

SSRF

Weakness Enumeration

Related Identifiers

CVE-2020-4882

Affected Products

IBM Planning Analytics