IBM Cognos TM1 / IBM Planning Analytics Server Configuration Overwrite / Code Execution
Posted on 28 March 2020
IBM Cognos TM1 Server / Planning Analytics Server (TM1) suffers from a configuration overwrite vulnerability that can be leveraged to achieve code execution as SYSTEM via TM1 scripting. Extensive research is included in this advisory as well as the Metasploit module.
