CVE-2021-29853: 
IBM Planning Analytics vulnerability analysis and mitigation

IBM Planning Analytics could expose sensitive information that could be used to create attacks by not validating the return values from some methods or functions. The vulnerability, identified as CVE-2021-29853, was discovered in IBM Planning Analytics Local v2.0 - Planning Analytics Workspace and was addressed in Release 67 (IBM Support).

The vulnerability has been assigned a CVSS Base score of 4.3 with a vector of (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). This scoring indicates that the vulnerability requires network access and low privileges to exploit, with no user interaction needed. The impact is primarily limited to confidentiality, with no direct impact on integrity or availability (IBM Support).

The vulnerability could allow attackers to access sensitive information due to improper validation of return values from methods or functions. The exposure is limited to information disclosure with no direct impact on system integrity or availability (IBM Support).

IBM has addressed this vulnerability in IBM Planning Analytics Local v2.0 - Planning Analytics Workspace Release 67. Users are recommended to apply this security update, which can be downloaded from Fix Central. For IBM Planning Analytics with Watson, the vulnerability has already been addressed and no further action is required (IBM Support).