CVE-2025-36262

Summary

IBM Planning Analytics Local 2.0.0 through 2.0.106 and 2.1.0 through 2.1.13

could allow a malicious privileged user to bypass the UI to gain unauthorized access to sensitive information due to the improper validation of input.

Affected Software

VendorProductVersion RangeStatus
IBMPlanning Analytics Local2.0.0 <= 2.0.106affected
IBMPlanning Analytics Local2.1.0 <= 2.1.13affected

Weaknesses

  • CWE-1286: CWE-1286 Improper Validation of Syntactic Correctness of Input

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References