Description
IBM Planning Analytics Local 2.0 connects to a MongoDB server. MongoDB, a document-oriented database system, is listening on the remote port, and it is configured to allow connections without password authentication. A remote attacker can gain unauthorized access to the database. IBM X-Force ID: 184600.
CVSS breakdown
CVSS 3.0
Attack Vector
Network
User Interaction
None
Scope
Unchanged
Attack Complexity
High
Privileges Required
None
Integrity
High
Confidentiality
High
Availability
None
RL
O
RC
Changed
E
Unchanged
Affected products
- ibm / planning_analytics_local2.0 – 2.0