Lucene search
IBM96AA6E96C459B552487D37879C1210BD7926BC641E7FD69543382941733FFB5FHistoryAug 09, 2018 - 11:56 a.m.
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Operations Analytics Predictive Insights (CVE-2012-5783)
2018-08-0911:56:35
www.ibm.com
10
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
Summary
Websphere Application Server (WAS) is shipped as a component of IBM Operations Analytics Predictive Insights. Information about a security vulnerability affecting WAS has been published in a security bulletin.
Vulnerability Details
Please consult the security bulletin Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783) for vulnerability details and information about fixes.
Affected Products and Versions
| Principal Product and Version(s) | Affected Supporting Product and Version |
|---|---|
| IBM Operations Analytics Predictive Insights version 1.3.6 | Websphere Application Server 8.5.5.x |
| IBM Operations Analytics Predictive Insights versions 1.3.3, 1.3.5 | Websphere Application Server 8.5.0.x This needs to be upgraded to minimum 8.5.5.12, noting this known issue, before applying the fix mentioned in the linked bulletin. |
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm operations analytics - predictive insights | eq | any |
Related
openvas
openvas
Fedora Update for jakarta-commons-httpclient FEDORA-2013-1189
2013-02-04 00:00:00
Amazon Linux: Security Advisory (ALAS-2013-169)
2015-09-08 00:00:00
Fedora Update for jakarta-commons-httpclient FEDORA-2013-1289
2013-02-04 00:00:00
ibm
ibm
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Business Service Manager (CVE-2012-5783)
2018-09-05 16:28:01
nessus
nessus
Oracle Linux 5 / 6 : jakarta-commons-httpclient (ELSA-2013-0270)
2013-07-12 00:00:00
SuSE 11.2 Security Update : jakarta (SAT Patch Number 7574)
2013-04-04 00:00:00
Amazon Linux AMI : jakarta-commons-httpclient (ALAS-2013-169)
2013-09-04 00:00:00
oraclelinux
oraclelinux
jakarta-commons-httpclient security update
2013-02-19 00:00:00
github
github
Improper Certificate Validation in apache HttpClient
2022-05-13 01:10:34
Improper certificate validation in org.apache.httpcomponents:httpclient
2018-10-17 00:05:15
prion
prion
Code injection
2012-11-04 22:55:00
Design/Logic Flaw
2014-09-04 17:55:00
fedora
fedora
[SECURITY] Fedora 18 Update: jakarta-commons-httpclient-3.1-12.fc18
2013-02-01 16:27:25
[SECURITY] Fedora 16 Update: jakarta-commons-httpclient-3.1-12.fc16
2013-02-01 16:49:49
[SECURITY] Fedora 17 Update: jakarta-commons-httpclient-3.1-12.fc17
2013-02-01 16:45:35
redhat
redhat
(RHSA-2013:0680) Moderate: jakarta-commons-httpclient security update
2013-03-25 00:00:00
(RHSA-2013:0682) Moderate: jakarta-commons-httpclient security update
2013-03-25 00:00:00
(RHSA-2014:0224) Moderate: redhat-support-plugin-rhev security update
2014-02-27 00:00:00
cgr
cgr
CVE-2012-5783 vulnerabilities
2024-04-25 21:08:41
cve
cve
CVE-2012-5783
2012-11-04 22:55:00
CVE-2012-6153
2014-09-04 17:55:00
mageia
mageia
Updated jakarta-commons-httpclient package fixes security vulnerability
2013-07-06 18:11:31
wolfi
wolfi
CVE-2012-5783 vulnerabilities
2024-04-25 21:06:15
amazon
amazon
Medium: jakarta-commons-httpclient
2013-03-14 22:04:00
Important: jakarta-commons-httpclient
2014-09-17 21:47:00
aix
aix
AIX is vulnerable to an SSL server spoof due to Apache Commons HttpClient
2023-04-13 13:44:57
centos
centos
jakarta security update
2013-02-20 02:59:36
debiancve
debiancve
CVE-2012-5783
2012-11-04 22:55:00
CVE-2012-6153
2014-09-04 17:55:00
osv
osv
Improper Certificate Validation in apache HttpClient
2022-05-13 01:10:34
Improper certificate validation in org.apache.httpcomponents:httpclient
2018-10-17 00:05:15
commons-httpclient - security update
2015-05-19 00:00:00
veracode
veracode
Man In The Middle (MitM) Attacks Are Possible With Spoofed SSL Servers
2019-01-15 08:56:38
Man In The Middle (MitM) Attacks Are Possible With Spoofed SSL Servers
2019-01-15 08:59:46
ubuntucve
ubuntucve
CVE-2012-6153
2014-09-04 00:00:00
CVE-2012-5783
2012-11-04 00:00:00
atlassian
atlassian
f5
f5
K15364328 : Apache vulnerabilities CVE-2012-5783 and CVE-2012-6153
2016-02-02 00:00:00
K15741 : Apache Commons HttpClient vulnerability CVE-2012-6153
2014-10-27 00:00:00
SOL15741 - Apache Commons HttpClient vulnerability CVE-2012-6153
2014-10-27 00:00:00
debian
debian
[SECURITY] [DLA 222-1] commons-httpclient security update
2015-05-19 15:18:39
photon
photon
Moderate Photon OS Security Update - PHSA-2020-0141
2020-09-17 00:00:00
Moderate Photon OS Security Update - PHSA-2020-3.0-0141
2020-09-17 00:00:00
securityvulns
securityvulns
[USN-2769-1] Apache Commons HttpClient
2015-10-25 00:00:00
ubuntu
ubuntu
Apache Commons HttpClient vulnerabilities
2015-10-14 00:00:00
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
Related for 96AA6E96C459B552487D37879C1210BD7926BC641E7FD69543382941733FFB5F