CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: May 3, 2022

High

CISA KEVEPSS 91.5%

CVE-2019-4716

IBM—Planning Analytics

IBM Planning Analytics is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting.

EPSS — Exploit Probability

91.5%

Higher than 99.7% of all CVEs

Required Action

https://nvd.nist.gov/vuln/detail/CVE-2019-4716

Vulnerability Overview

Severity: High
EPSS: 91.5%
CISA KEV: Yes
Ransomware: Unknown
Published: Nov 3, 2021
KEV Added: Nov 3, 2021
Due Date: May 3, 2022
Related Articles: 0

Vendor

IBM

Planning Analytics