CVE-2025-36262

EUVD-2025-31774
IBM Planning Analytics Local 2.0.0 through 2.0.106 and 2.1.0 through 2.1.13 

could allow a malicious privileged user to bypass the UI to gain unauthorized access to sensitive information due to the improper validation of input.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.9 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
ibmCNA
4.9 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 25%
Affected Products (NVD)
VendorProductVersion
ibmplanning_analytics_local
2.0.0 ≤
𝑥
≤ 2.0.106
ibmplanning_analytics_local
2.1.0 ≤
𝑥
≤ 2.1.13
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.ibm.com/support/pages/node/7246602