CVE-2020-4670

Summary

IBM Planning Analytics Local 2.0 connects to a Redis server. The Redis server, an in-memory data structure store, running on the remote host is not protected by password authentication. A remote attacker can exploit this to gain unauthorized access to the server. IBM X-Force ID: 186401.

Affected Software

VendorProductVersion RangeStatus
IBMPlanning Analytics Local2.0affected

Weaknesses

  • Data Manipulation

ADP Enrichment

CVE Program Container

Additional References

References