CVE-2022-22308

Summary

IBM Planning Analytics 2.0 is vulnerable to a Remote File Include (RFI) attack. User input could be passed into file include commands and the web application could be tricked into including remote files with malicious code. IBM X-Force ID: 216891.

Affected Software

VendorProductVersion RangeStatus
IBMPlanning Analytics2.0affected
IBMPlanning Analytics Workspace2.0affected

Weaknesses

  • Gain Access

ADP Enrichment

CVE Program Container

Additional References

References