CVE-2019-4612: Malicious File Upload
First published: Mon Dec 09 2019(Updated: )
IBM Planning Analytics 2.0 is vulnerable to malicious file upload in the My Account Portal. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further attacks. IBM X-Force ID: 168523.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Planning Analytics | =2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2019-4612.
What is the severity level of CVE-2019-4612?
The severity level of CVE-2019-4612 is high (8.8).
How does the vulnerability in IBM Planning Analytics 2.0 manifest?
The vulnerability in IBM Planning Analytics 2.0 allows attackers to upload malicious files through the My Account Portal.
What can an attacker do with the malicious file uploaded in IBM Planning Analytics 2.0?
An attacker can use the malicious file uploaded in IBM Planning Analytics 2.0 to perform further attacks.
Is there a fix available for CVE-2019-4612?
Please refer to IBM's support pages (link provided) for information on how to fix CVE-2019-4612.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm planning analytics
- version/ibm planning analytics/2.0