CVE-2019-4716
In short
IBM Planning Analytics allows anyone to log in as the administrator without a password and then execute code with the highest system privileges. This is a critical flaw that gives an attacker complete control of the affected system.
Technical detail
An unauthenticated attacker can exploit a configuration overwrite vulnerability to gain admin credentials, then leverage TM1 scripting functionality to achieve remote code execution with root/SYSTEM privileges. The vulnerability affects versions 2.0.0 through 2.0.8 and requires no prior access or authentication.
Summary generated and translated by AI from the official description.
IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Affected products
IBM · Planning Analytics
Public PoCs found: 2
- CVE reference: packetstormsecurity.com/files/156953/IBM-Cognos-TM1-IBM-Planning-Analytics-Server-Configuration-Overwrite-Code-Execution.html (unverified)
- Exploit-DB: www.exploit-db.com/exploits/48273 (unverified)
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://packetstormsecurity.com/files/156953/IBM-Cognos-TM1-IBM-Planning-Analytics-Server-Configuration-Overwrite-Code-Execution.html
http://seclists.org/fulldisclosure/2020/Mar/44
https://exchange.xforce.ibmcloud.com/vulnerabilities/172094
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-4716
https://www.ibm.com/support/pages/node/1127781