CVE-2023-42017 Information

Description

IBM Planning Analytics Local 2.0 could allow a remote attacker to upload arbitrary files caused by the improper validation of file extensions. By sending a specially crafted HTTP request a remote attacker could exploit this vulnerability to upload a malicious script which could allow the attacker to execute arbitrary code on the vulnerable system. IBM X-Force ID: 265567.

Reference

https://www.ibm.com/support/pages/node/7096528 https://exchange.xforce.ibmcloud.com/vulnerabilities/265567