PT-2022-10859 · IBM · IBM Planning Analytics Workspace
Published: 2022-04-25 · Updated: 2022-05-03 · CVE-2021-39040
CVSS v3.1: 8.0 (High)
Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
IBM Planning Analytics Workspace version 2.0
Description
The application does not validate the type or size of uploaded files, which allows malicious file upload. Attackers can exploit this weakness to upload malicious executable files into the system, which can then be sent to victims for further attacks.
Recommendations
For IBM Planning Analytics Workspace version 2.0, consider implementing file type and size validation to prevent malicious file uploads until a patch is available. As a temporary workaround, restrict access to file upload functionality to minimize the risk of exploitation.
Fix
Unrestricted File Upload
Weakness Enumeration
Related Identifiers
Affected Products
IBM Planning Analytics Workspace