CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-36357

IBM Planning Analytics Local 2.1.0 through 2.1.14 could allow a remote authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing absolute path sequences to view, read, or write arbitrary files on the system.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 14.0%

CVSS Severity

CVSS v3 Score 8.0

References

https://www.ibm.com/support/pages/node/7251265

Products affected by CVE-2025-36357

Ibm » Planning Analytics Local » Version: 2.1.0

cpe:2.3:a:ibm:planning_analytics_local:2.1.0
Ibm » Planning Analytics Local » Version: 2.1.1

cpe:2.3:a:ibm:planning_analytics_local:2.1.1
Ibm » Planning Analytics Local » Version: 2.1.13

cpe:2.3:a:ibm:planning_analytics_local:2.1.13
Ibm » Planning Analytics Local » Version: 2.1.14

cpe:2.3:a:ibm:planning_analytics_local:2.1.14
Ibm » Planning Analytics Local » Version: 2.1.2

cpe:2.3:a:ibm:planning_analytics_local:2.1.2
Ibm » Planning Analytics Local » Version: 2.1.3

cpe:2.3:a:ibm:planning_analytics_local:2.1.3
Ibm » Planning Analytics Local » Version: 2.1.4

cpe:2.3:a:ibm:planning_analytics_local:2.1.4
Ibm » Planning Analytics Workspace » Version: 2.1.0

cpe:2.3:a:ibm:planning_analytics_workspace:2.1.0
Ibm » Planning Analytics Workspace » Version: 2.1.14

cpe:2.3:a:ibm:planning_analytics_workspace:2.1.14

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-36357

Products

Pricing

Contact Us