Wiz
Vulnerability DatabaseCVE-2021-29851

CVE-2021-29851
IBM Planning Analytics vulnerability analysis and mitigation

Overview

IBM Planning Analytics 2.0 is affected by a security vulnerability (CVE-2021-29851) that could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. The vulnerability was disclosed on August 31, 2021 and affects the Planning Analytics Workspace component (IBM Security).

Technical details

The vulnerability has a CVSS Base score of 4.3 with a vector of (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). This indicates that the vulnerability requires low attack complexity, requires low privileges, needs no user interaction, and can result in low confidentiality impact with no impact to integrity or availability (IBM Security).

Impact

The vulnerability could allow remote attackers to obtain sensitive information through stack trace exposure in the browser. The impact is limited to information disclosure with no compromise to system integrity or availability (IBM Security).

Mitigation and workarounds

IBM has released a security update to address this vulnerability in IBM Planning Analytics Local v2.0 - Planning Analytics Workspace Release 67. Users are recommended to apply this update. The vulnerability has already been addressed in IBM Planning Analytics with Watson and requires no further action (IBM Security).

Additional resources

SourceThis report was generated using AI

Related IBM Planning Analytics vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2023-42017CRITICAL9.8
  • IBM Planning AnalyticsIBM Planning Analytics
  • cpe:2.3:a:ibm:planning_analytics
NoYesDec 22, 2023
CVE-2024-25034HIGH8.8
  • IBM Planning AnalyticsIBM Planning Analytics
  • cpe:2.3:a:ibm:planning_analytics
NoYesJan 24, 2025
CVE-2024-40693HIGH8
  • IBM Planning AnalyticsIBM Planning Analytics
  • cpe:2.3:a:ibm:planning_analytics
NoYesJan 24, 2025
CVE-2022-22339HIGH7.3
  • IBM Planning AnalyticsIBM Planning Analytics
  • cpe:2.3:a:ibm:planning_analytics
NoYesApr 08, 2022
CVE-2021-39047MEDIUM6.1
  • IBM Planning AnalyticsIBM Planning Analytics
  • cpe:2.3:a:ibm:planning_analytics
NoYesJun 24, 2022

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo