Skip to main content

Planning Analytics Local CVE-2021-29739

MEDIUM
Unchecked Return Value (CWE-252)
2021-08-10 psirt@us.ibm.com
4.9
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.9 MEDIUM
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Aug 10, 2021 - 14:15 nvd
MEDIUM 4.9

DescriptionNVD

IBM Planning Analytics Local 2.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. X-Force ID: 198846.

AnalysisAI

IBM Planning Analytics Local 2.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-252. IBM Planning Analytics Local 2.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. X-Force ID: 198846. Affected products include: Ibm Planning Analytics Local.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2024-35143 CRITICAL
9.1 Aug 04

IBM Planning Analytics Local 2.0 and 2.1 connects to a MongoDB server. Rated critical severity (CVSS 9.1), this vulnerab

CVE-2020-4367 HIGH
7.5 Jun 02

IBM Planning Analytics Local 2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decr

CVE-2025-33004 MEDIUM
6.5 Jun 01

IBM Planning Analytics Local 2.0 and 2.1 could allow a privileged user to delete files from directories due to improper

CVE-2026-1267 MEDIUM
6.5 Mar 17

IBM Planning Analytics Local versions 2.1.0 through 2.1.17 contain an improper access control vulnerability (CWE-200) th

CVE-2025-33005 MEDIUM
6.3 Jun 01

IBM Planning Analytics Local 2.0 and 2.1 does not invalidate session after a logout which could allow an authenticated u

CVE-2020-4503 MEDIUM
6.1 Jun 02

IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerabi

CVE-2020-4366 MEDIUM
6.1 Jun 02

IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerabi

CVE-2018-1676 MEDIUM
6.1 Jul 06

IBM Planning Analytics 2.0.0 through 2.0.4 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this

CVE-2025-14806 MEDIUM
5.7 Mar 17

IBM Planning Analytics Local versions 2.1.0 through 2.1.17 contain a cache poisoning vulnerability (CWE-524) where attac

CVE-2025-25044 MEDIUM
5.4 Jun 01

IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticat

CVE-2024-31908 MEDIUM
5.4 May 31

IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 5.4),

CVE-2024-31907 MEDIUM
5.4 May 31

IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this v

Share

CVE-2021-29739 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy