CVE-2025-36299
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-11-17
Last updated on: 2025-11-19
Assigner: IBM Corporation
Description
Description
IBM Planning Analytics Local 2.1.0 through 2.1.14 stores sensitive information in source code could be used in further attacks against the system.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ibm | planning_analytics_local | From 2.1.0 (inc) to 2.1.15 (exc) |
| ibm | planning_analytics_workspace | From 2.1.0 (inc) to 2.1.15 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-540 | Source code on a web server or repository often contains sensitive information and should generally not be accessible to users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in IBM Planning Analytics Local versions 2.1.0 through 2.1.14 involves the storage of sensitive information within the source code. This exposed sensitive data could be leveraged by attackers to conduct further attacks against the affected system.
How can this vulnerability impact me? :
The impact of this vulnerability is that sensitive information exposure could allow attackers to gain insights or access that facilitates additional attacks on the system, potentially compromising confidentiality or system security.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70