May 28, 2020 8:00 pm EDT
Categorized: Medium Severity
Share this post:
This Security Bulletin addresses security vulnerabilities that have been remediated in IBM Planning Analytics 126.96.36.199. There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Planning Analytics. These issues were disclosed as part of the IBM Java SDK updates in October 2019 and January 2020. IBM Planning Analytics has addressed the applicable CVEs. A Cross-Site Scripting (XSS) vulnerabiltiy in the PMHub Admin/Config Page has also been addressed.
Affected product(s) and affected version(s):
IBM Planning Analytics 2.0.0 – 2.0.9
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6213263