
CVE-2025-25044: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in IBM Planning Analytics Local

Medium
Published: Sun Jun 01 2025 (06/01/2025, 11:35:22 UTC)
Source: CVE Database V5
Vendor/Project: IBM
Product: Planning Analytics Local

Description

IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

AI-Powered Analysis

Last updated: 07/09/2025, 00:56:47 UTC

Technical Analysis

CVE-2025-25044 is a cross-site scripting (XSS) vulnerability identified in IBM Planning Analytics Local versions 2.0 and 2.1. This vulnerability stems from improper neutralization of input during web page generation, classified under CWE-79. Specifically, an authenticated user can inject arbitrary JavaScript code into the web user interface of the affected product. The injected script executes within the context of the trusted session, potentially altering the intended functionality of the application. This can lead to the disclosure of sensitive information such as user credentials or session tokens. The vulnerability requires the attacker to have valid credentials (authenticated user) and involves user interaction to trigger the malicious script. The CVSS v3.1 base score is 5.4 (medium severity), with the vector indicating network attack vector (AV:N), low attack complexity (AC:L), privileges required (PR:L), user interaction required (UI:R), scope changed (S:C), and low impact on confidentiality and integrity (C:L, I:L), with no impact on availability (A:N). No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability affects the web interface component of IBM Planning Analytics Local, which is used for business planning, budgeting, and forecasting, often integrated into enterprise environments.

Potential Impact

For European organizations using IBM Planning Analytics Local 2.0 or 2.1, this vulnerability poses a moderate risk. Since the flaw requires authenticated access, the threat is primarily from insider threats or compromised user accounts. Successful exploitation could lead to unauthorized disclosure of credentials or session tokens, enabling attackers to escalate privileges or move laterally within the network. This can undermine the confidentiality and integrity of sensitive financial and planning data, potentially affecting decision-making processes and compliance with data protection regulations such as GDPR. Additionally, the altered functionality could disrupt business workflows or lead to data manipulation. Given the critical nature of financial planning data in enterprises, even a medium-severity vulnerability warrants prompt attention to prevent potential exploitation that could result in reputational damage or regulatory penalties.

Mitigation Recommendations

European organizations should implement the following specific mitigations:

1) Restrict access to IBM Planning Analytics Local to trusted users only and enforce strong authentication mechanisms, including multi-factor authentication (MFA), to reduce the risk of compromised credentials.
2) Monitor user activities and audit logs for unusual behavior indicative of attempted XSS exploitation or unauthorized script injections.
3) Apply strict input validation and output encoding on all user-supplied data in the web UI, if customization or scripting is supported, to prevent injection of malicious code.
4) Segment the network to isolate the Planning Analytics environment from broader enterprise systems, limiting lateral movement in case of compromise.
5) Stay updated with IBM security advisories and apply patches or updates promptly once available.
6) Educate users about the risks of XSS and safe usage practices within the application.
7) Consider deploying web application firewalls (WAFs) with rules tuned to detect and block XSS payloads targeting this product.

These measures go beyond generic advice by focusing on access control, monitoring, and environment segmentation tailored to the affected product and vulnerability specifics.


Technical Details

Data Version
5.1
Assigner Short Name
ibm
Date Reserved
2025-02-01T15:07:06.691Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 683c475c182aa0cae212045c

Added to database: 6/1/2025, 12:28:12 PM

Last enriched: 7/9/2025, 12:56:47 AM

Last updated: 7/30/2025, 4:11:33 PM
