Rewterz Threat Advisory – CVE-2022-22308 – IBM Planning Analytics file include Vulnerability

Contextual Threat Intelligence, Empowering Organizations By Providing More Insights

February 21, 2022

Rewterz Threat Advisory – CVE-2022-25375 – Linux Kernel Vulnerability

February 22, 2022

Rewterz Threat Advisory – CVE-2022-22308 – IBM Planning Analytics file include Vulnerability

Severity

High

Analysis Summary

CVE-2022-22308

IBM Planning Analytics 2.0 is vulnerable to a Remote File Include (RFI) attack. User input could be passed into file include commands and the web application could be tricked into including remote files with malicious code.

Impact

Unauthorized Access

Indicators of Compromise

CVE

CVE-2022-22308

Affected Vendors

IBM

Affected Products

IBM Planning Analytics 2.0
IBM Planning Analytics Workspace 2.0

Remediation

Refer to IBM Security Bulletin for patch, upgrade or suggested workaround information.

https://www.ibm.com/support/pages/node/6557106

Contextual Threat Intelligence, Empowering Organizations By Providing More Insights

Rewterz Threat Advisory – CVE-2022-25375 – Linux Kernel Vulnerability

Rewterz Threat Advisory – CVE-2022-22308 – IBM Planning Analytics file include Vulnerability

Severity

Analysis Summary

CVE-2022-22308

Impact

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan