Vulnerabilities fixed in Oracle Enterprise Manager

🗓️ 19 Jul 2023 00:00:00Reported by NCSCType

ncsc

ncsc🔗 advisories.ncsc.nl👁 7 Views

Vulnerabilities fixed in Oracle Enterprise Manager products; may allow DoS and remote code execution.

Reporter	Title	Published	Views	Family All 1653
IBM Security Bulletins	Security Bulletin: Due to use of Apache Log4j, IBM Netcool/OMNIbus Probe DSL Factory Framework is vulnerable to arbitrary code execution (CVE-2022-23302, CVE-2022-23307) and SQL injection (CVE-2022-23305)	16 Mar 202202:35	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities found on thirdparty libraries used by IBM® MobileFirst Platform	26 Mar 202503:41	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for Febuary 2023	10 Mar 202318:29	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to denial of service due to FasterXML jackson-databind (CVE-2022-42004, CVE-2022-42003)	9 Sep 202405:29	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM Datacap	12 Jan 202617:46	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in IBM WebSphere Application Server Liberty, FasterXML jackson-databind, and Zlib affect IBM Spectrum Protect for Space Management Client (CVE-2022-34165, CVE-2022-42003, CVE-2022-42004, CVE-2018-25032)	9 Dec 202210:00	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in WebSphere Application Server Liberty may affect IBM Robotic Process Automation and result in a denial of service (CVE-2023-24998).	20 Jun 202314:25	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server affect IBM Business Automation Workflow (CVE-2023-25690)	21 Mar 202310:02	–	ibm
IBM Security Bulletins	Security Bulletin: An IBM QRadar SIEM SNMP protocol is vulnerable to a denial of service, SQL injection and could allow a remote attacker to execute arbitrary code on the system.	15 May 202408:35	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities fixed in IBM Security Verify Governance	11 Jan 202416:41	–	ibm

19 Jul 2023 00:00Current

8.3High risk

Vulners AI Score8.3

CVSS 26.8

CVSS 3.16.5 - 9.8

EPSS0.8377

denial of service remote code execution oracle enterprise manager vulnerability fixes