Security Bulletin: IBM Planning Analytics has addressed a security vulnerability...

Security Bulletin: IBM Planning Analytics has addressed a security vulnerability (CVE-2020-4764)

April 28, 2025 invoker category_cve

Vulnerability Details

Basic Information

Title	Security Bulletin: IBM Planning Analytics has addressed a security vulnerability (CVE-2020-4764)
Type	ibm
Published	2025-04-28T20:41:23
Last Seen	2025-04-29T02:56:43
CVSS Score	6.5 (MEDIUM)

CVSS v3 Details

Attack Vector	NETWORK
Attack Complexity	LOW
Privileges Required	NONE
User Interaction	REQUIRED
Scope	UNCHANGED
Confidentiality Impact	NONE
Integrity Impact	HIGH
Availability Impact	NONE

CVE Information

CVE IDs	CVE-2020-4764
CWE
Bulletin Family	software

Description

## Summary

This Security Bulletin addresses a security vulnerability that has been remediated in IBM Planning Analytics 2.0.9.4

## Vulnerability Details

**CVEID:**CVE-2020-4764
**DESCRIPTION:** IBM Planning Analytics is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/188898 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)

## Affected Products and Versions

IBM Planning Analytics 2.0

## Remediation/Fixes

The recommended solution is to apply the fix as soon as possible:

IBM Planning Analytics Local 2.0.9.4 is now available for download on Fix Central

## Workarounds and Mitigations

None

Impact Assessment

Base Score	6.5
Severity	MEDIUM

View full CVE details