DATABASE RESOURCES PRICING ABOUT US

{"id": "RHSA-2020:3196", "vendorId": null, "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2020:3196) Important: Red Hat Decision Manager 7.8.0 Security Update", "description": "Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation (DMN) execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. \n\nThis release of Red Hat Decision Manager 7.8.0 serves as an update to Red Hat Decision Manager 7.7.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers (CVE-2019-16869)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\n* netty: HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)\n\n* netty: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* netty: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* netty: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\n* cxf-core: cxf: does not restrict the number of message attachments (CVE-2019-12406)\n\n* cxf-core: cxf: OpenId Connect token service does not properly validate the clientId (CVE-2019-12423)\n\n* cxf-core: cxf: reflected XSS in the services listing page (CVE-2019-17573)\n\n* jackson-databind: lacks certain net.sf.ehcache blocking (CVE-2019-20330)\n\n* jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)\n\n* jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)\n\n* jackson-databind: Serialization gadgets in commons-jelly:commons-jelly (CVE-2020-11620)\n\n* jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)\n\n* jackson-databind: Serialization gadgets in javax.swing.JEditorPane (CVE-2020-10969)\n\n* jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider (CVE-2020-10968)\n\n* jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory (CVE-2020-11111)\n\n* jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider (CVE-2020-11112)\n\n* jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime (CVE-2020-11113)\n\n* jackson-databind: Serialization gadgets in org.springframework:spring-aop (CVE-2020-11619)\n\n* jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)\n\n* jackson-databind: serialization in oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (CVE-2020-14060)\n\n* jackson-databind: serialization in weblogic/oracle-aqjms (CVE-2020-14061)\n\n* jackson-databind: serialization in com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (CVE-2020-14062)\n\n* netty: compression/decompression codecs don't enforce limits on buffer allocation sizes (CVE-2020-11612)\n\n* quartz: libquartz: XXE attacks via job description (CVE-2019-13990)\n\n* keycloak: security issue on reset credential flow (CVE-2020-1718)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2020-07-29T06:02:59", "modified": "2020-07-29T06:03:47", "epss": [{"cve": "CVE-2019-12406", "epss": 0.00245, "percentile": 0.61113, "modified": "2023-06-03"}, {"cve": "CVE-2019-12423", "epss": 0.00289, "percentile": 0.64399, "modified": "2023-06-03"}, {"cve": "CVE-2019-13990", "epss": 0.00314, "percentile": 0.65876, "modified": "2023-06-03"}, {"cve": "CVE-2019-16869", "epss": 0.00633, "percentile": 0.76066, "modified": "2023-06-03"}, {"cve": "CVE-2019-17573", "epss": 0.00212, "percentile": 0.57898, "modified": "2023-06-03"}, {"cve": "CVE-2019-20330", "epss": 0.00463, "percentile": 0.71844, "modified": "2023-06-03"}, {"cve": "CVE-2019-20444", "epss": 0.00438, "percentile": 0.71094, "modified": "2023-06-03"}, {"cve": "CVE-2019-20445", "epss": 0.00169, "percentile": 0.52597, "modified": "2023-06-03"}, {"cve": "CVE-2019-9512", "epss": 0.19872, "percentile": 0.9557, "modified": "2023-06-03"}, {"cve": "CVE-2019-9514", "epss": 0.901, "percentile": 0.98278, "modified": "2023-06-03"}, {"cve": "CVE-2019-9515", "epss": 0.06467, "percentile": 0.9264, "modified": "2023-06-03"}, {"cve": "CVE-2019-9518", "epss": 0.00285, "percentile": 0.64111, "modified": "2023-06-03"}, {"cve": "CVE-2020-10672", "epss": 0.00743, "percentile": 0.78249, "modified": "2023-06-03"}, {"cve": "CVE-2020-10673", "epss": 0.00688, "percentile": 0.77258, "modified": "2023-06-03"}, {"cve": "CVE-2020-10968", "epss": 0.00366, "percentile": 0.68436, "modified": "2023-06-03"}, {"cve": "CVE-2020-10969", "epss": 0.00366, "percentile": 0.68436, "modified": "2023-06-03"}, {"cve": "CVE-2020-11111", "epss": 0.00366, "percentile": 0.68436, "modified": "2023-06-03"}, {"cve": "CVE-2020-11112", "epss": 0.00366, "percentile": 0.68436, "modified": "2023-06-03"}, {"cve": "CVE-2020-11113", "epss": 0.00366, "percentile": 0.68436, "modified": "2023-06-03"}, {"cve": "CVE-2020-11612", "epss": 0.00623, "percentile": 0.75878, "modified": "2023-06-03"}, {"cve": "CVE-2020-11619", "epss": 0.01379, "percentile": 0.84374, "modified": "2023-06-03"}, {"cve": "CVE-2020-11620", "epss": 0.01428, "percentile": 0.84622, "modified": "2023-06-03"}, {"cve": "CVE-2020-14060", "epss": 0.39335, "percentile": 0.967, "modified": "2023-06-03"}, {"cve": "CVE-2020-14061", "epss": 0.02076, "percentile": 0.8744, "modified": "2023-06-03"}, {"cve": "CVE-2020-14062", "epss": 0.04035, "percentile": 0.90817, "modified": "2023-06-03"}, {"cve": "CVE-2020-1718", "epss": 0.0008, "percentile": 0.33104, "modified": "2023-06-03"}, {"cve": "CVE-2020-7238", "epss": 0.00506, "percentile": 0.73136, "modified": "2023-06-03"}, {"cve": "CVE-2020-8840", "epss": 0.00462, "percentile": 0.7182, "modified": "2023-06-03"}, {"cve": "CVE-2020-9546", "epss": 0.00527, "percentile": 0.73703, "modified": "2023-06-03"}, {"cve": "CVE-2020-9547", "epss": 0.00363, "percentile": 0.68304, "modified": "2023-06-03"}, {"cve": "CVE-2020-9548", "epss": 0.00527, "percentile": 0.73703, "modified": "2023-06-03"}], "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://access.redhat.com/errata/RHSA-2020:3196", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2019-12406", "CVE-2019-12423", "CVE-2019-13990", "CVE-2019-16869", "CVE-2019-17573", "CVE-2019-20330", "CVE-2019-20444", "CVE-2019-20445", "CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9518", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11612", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-1718", "CVE-2020-7238", "CVE-2020-8840", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "immutableFields": [], "lastseen": "2023-06-03T15:19:40", "viewCount": 33, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2019:2925", "ALSA-2019:4269", "ALSA-2019:4273"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2019-9512", "ALPINE:CVE-2019-9514", "ALPINE:CVE-2019-9515", "ALPINE:CVE-2019-9518"]}, {"type": "altlinux", "idList": ["731C157A780B069F4433F4F6E202EFEA", "944EA29696BE169228EC0537C731CCEC", "D1809A400B037849F55F91C8D7820919", "E64A79B455B5B29956A55C132E6895B7"]}, {"type": "amazon", "idList": ["ALAS-2019-1270", "ALAS2-2019-1272"]}, {"type": "apple", "idList": ["APPLE:B7EC2E92CBEF4481D5F2735898CA5FE4", "APPLE:HT210436"]}, {"type": "archlinux", "idList": ["ASA-201908-15", "ASA-201908-16"]}, {"type": "arista", "idList": ["ARISTA:0043"]}, {"type": "atlassian", "idList": ["ATLASSIAN:JRASERVER-70971", "JRASERVER-70971"]}, {"type": "attackerkb", "idList": ["AKB:8AA21692-1900-4944-98AB-BEC257302198"]}, {"type": "cert", "idList": ["VU:605641"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2020-1346"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:7430089B5BD03FDE67C945B0672A675E"]}, {"type": "cve", "idList": ["CVE-2019-12406", "CVE-2019-12423", "CVE-2019-13990", "CVE-2019-14988", "CVE-2019-14990", "CVE-2019-14991", "CVE-2019-14992", "CVE-2019-16869", "CVE-2019-17573", "CVE-2019-20330", "CVE-2019-20444", "CVE-2019-20445", "CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9518", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10707", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11612", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-13954", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-1718", "CVE-2020-7238", "CVE-2020-8840", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1941-1:B0F41", "DEBIAN:DLA-1941-1:FEB61", "DEBIAN:DLA-2109-1:DE8EC", "DEBIAN:DLA-2110-1:96368", "DEBIAN:DLA-2111-1:8FC8D", "DEBIAN:DLA-2111-1:E5D8F", "DEBIAN:DLA-2135-1:08B42", "DEBIAN:DLA-2135-1:92903", "DEBIAN:DLA-2153-1:5061A", "DEBIAN:DLA-2153-1:D5ADC", "DEBIAN:DLA-2179-1:B7152", "DEBIAN:DLA-2179-1:DDD4A", "DEBIAN:DLA-2270-1:4546C", "DEBIAN:DLA-2270-1:A2D41", "DEBIAN:DLA-2364-1:39666", "DEBIAN:DLA-2365-1:41B26", "DEBIAN:DLA-2485-1:44FAA", "DEBIAN:DSA-4503-1:6B94A", "DEBIAN:DSA-4508-1:2E656", "DEBIAN:DSA-4520-1:26CCF", "DEBIAN:DSA-4597-1:11183", "DEBIAN:DSA-4597-1:8729B", "DEBIAN:DSA-4669-1:2AD2E", "DEBIAN:DSA-4885-1:31BC0"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-13990", "DEBIANCVE:CVE-2019-16869", "DEBIANCVE:CVE-2019-20330", "DEBIANCVE:CVE-2019-20444", "DEBIANCVE:CVE-2019-20445", "DEBIANCVE:CVE-2019-9512", "DEBIANCVE:CVE-2019-9514", "DEBIANCVE:CVE-2019-9515", "DEBIANCVE:CVE-2019-9518", "DEBIANCVE:CVE-2020-10672", "DEBIANCVE:CVE-2020-10673", "DEBIANCVE:CVE-2020-10968", "DEBIANCVE:CVE-2020-10969", "DEBIANCVE:CVE-2020-11111", "DEBIANCVE:CVE-2020-11112", "DEBIANCVE:CVE-2020-11113", "DEBIANCVE:CVE-2020-11612", "DEBIANCVE:CVE-2020-11619", "DEBIANCVE:CVE-2020-11620", "DEBIANCVE:CVE-2020-14060", "DEBIANCVE:CVE-2020-14061", "DEBIANCVE:CVE-2020-14062", "DEBIANCVE:CVE-2020-7238", "DEBIANCVE:CVE-2020-8840", "DEBIANCVE:CVE-2020-9546", "DEBIANCVE:CVE-2020-9547", "DEBIANCVE:CVE-2020-9548"]}, {"type": "f5", "idList": ["F5:K01988340", "F5:K15320518", "F5:K46011592", "F5:K50233772", "F5:K75555129", "F5:K98053339"]}, {"type": "fedora", "idList": ["FEDORA:05AFB3091421", "FEDORA:0C9226047329", "FEDORA:5869F62F1007", "FEDORA:691DA613FFAA", "FEDORA:976B760CEC41", "FEDORA:BDA8C6056EF5", "FEDORA:BDC9D3090DB1", "FEDORA:CCB9960F3CBA", "FEDORA:D307A6040ED0", "FEDORA:E5C91604A708"]}, {"type": "fortinet", "idList": ["FG-IR-19-225"]}, {"type": "freebsd", "idList": ["10E3ED8A-DB7F-11EA-8BDF-643150D3111D", "41F4BAAC-BF77-11E9-8D2F-5404A68AD561", "53CAF29B-9180-11ED-ACBE-B42E991FC52E", "72A5579E-C765-11E9-8052-0028F8D09152", "73B1E734-C74E-11E9-8052-0028F8D09152", "9FBAEFB3-837E-11EA-B5B4-641C67A117D8", "C97A940B-C392-11E9-BB38-000D3AB229D6"]}, {"type": "github", "idList": ["GHSA-27XJ-RQX5-2255", "GHSA-32GV-6CF3-WCMQ", "GHSA-39QC-96H7-956F", "GHSA-42F2-F9VC-6365", "GHSA-4W82-R329-3Q67", "GHSA-58P8-9G59-Q2HR", "GHSA-58PP-9C76-5625", "GHSA-5P34-5M6P-P58G", "GHSA-64X2-GQ24-75PV", "GHSA-758M-V56V-GRJ4", "GHSA-8HXH-R6F7-JF45", "GHSA-95CM-88F5-F2C7", "GHSA-9QCF-C26R-X5RF", "GHSA-9VVP-FXW6-JCXR", "GHSA-C265-37VJ-CWCC", "GHSA-C2Q3-4QRH-FM48", "GHSA-CQQJ-4P63-RRMM", "GHSA-F93P-F762-VR53", "GHSA-FF2W-CQ2G-WV5F", "GHSA-FQWF-PJWF-7VQV", "GHSA-GWW7-P5W4-WRFV", "GHSA-H4RC-386G-6M85", "GHSA-HGR8-6H9X-F7Q9", "GHSA-J229-2H63-RVH9", "GHSA-J823-4QCH-3RGM", "GHSA-MM9X-G8PC-W292", "GHSA-P2V9-G2QV-P635", "GHSA-P43X-XFJF-5JHR", "GHSA-P979-4MFW-53VG", "GHSA-Q93H-JC49-78GG", "GHSA-RF6R-2C4Q-2VWG", "GHSA-V3XW-C963-F5HC"]}, {"type": "githubexploit", "idList": ["3A4AAB02-CCAA-51EA-8324-41D2F506E5A2", "3BE6C242-DF61-5FB1-AF29-941FEF80A127", "5EDF02C1-5DDC-5B0E-BF23-677048091107"]}, {"type": "gitlab", "idList": ["GITLAB-49812F2B8B15BD33775CBA6F41D7CA5F", "GITLAB-670965C312F4B176DA0BCF712414ABB4", "GITLAB-AA841BEED82F30BC34C2B118634FBC7B", "GITLAB-D8C136BE1DF27278BE1920A69C9A6667"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20200610-01-FASTJASON", "HUAWEI-SA-20200722-01-JSON"]}, {"type": "ibm", "idList": ["008B0D501A1CB8226ABFE1582856F4EF756D398AE0B7847587583CD244F7DABA", "026861C8F37CB442AEB06F08CB67784AB6226E1C2C5830E2D4227D71E9453C5B", "02FD10030B8366010758D75673B2286A0CD064A8561853F6F314CF7B7BC8B298", "0379C9040F7E8982FD18FFF1727FD0676E6F3BCB92CA33BC6BBB1D9F7F79D8B4", "0417036025FD6A189EE42ABF0BD8858E873D012FB5A3D9F9BF5C94F081CDDEB5", "057F23DB71C72978E8CCF4A7BDE90605082E47A058ABF70F5C21BAD102DCB0FA", "089B564037CD6CBF124F570A0074A8E6C37E90240BCF8C5297D2EBD444E34F18", "0AF0D1ABD7511641350D2C0A10AF6B5BB4A0ABFC6C05902B5F1C5E07C1566C95", "0AF4568867479D47E4352B7E039C8B495FFD7D263FC7B6E5D521CCBE61FFC605", "0B841A25DD5089B54804EEE177963CE7CA3A23E107F528BF4D4DE12B41D18A16", "0C931C8FB3337ADB707B8C54D7D2E65C09B2A9067AF3442FB5EDF49ED471F44A", "0DE3A792FAD190B8655979FB1A21DC1E0CA059ED9214541E3BEA65B864F0D32D", "146E5B6C7DEF48D9B9132CEF69C4B99A3655374C8A833C5CDB62A212794B3988", "1662CC7D540088755F37EA5A27D5DD0BD01726106E6F60853235576D63AD6B63", "1684DEC3DF3BB9E78C84E76D9D7057965A40ADC07F69C113F4E928D34BF0D671", "16BD53FF8D4AF4008A6B9480C8D62C5AECEF46E4F486EC150D2D9BBC2C7349FC", "17167E9B7772FCC3C13341661C717A788FBA9411691E4C6CEEBFD6C6E3A96690", "17C8BD5E8C1A90E7607152EEB11A6A15F31C7913B9DA47EF7989DA93FFD7398E", "18E3835EB48610335189B66CA3B787759BF28CEA62D84163A3574C70FFE6874A", "1914476FD091A15E96610F7BF31547167EE2615FDE4E5D3885C1359FD96241AA", "1A7668E81452E83AB00678328095567DA17543F8BDE6DB1EE678E96C5B064FD6", "1B99BE15EF0865EC7D6CAAD98E1510DF110D3FC32411F14658640A57804FCBB5", "1CA5EFFF48503220FA8729D288342161A3477C54DF435407E3869B260531E400", "1E239D8C4813C8FA705CBB86F01F323B29B73D1086FDF65021C9CB4B0146A272", "1E9CF6FDFBA489706238E6E37CCC826D29377A3819B88B687B8B88A40020AC3E", "1FF8E68E83BF3DB2672591959122E4AFEF74C0664CD23BFF44CDC08E383E49EC", "204ADCCC258487D6D5F8C848C95DAB38413055F4AFD05DFCF56FD7435CBF7C69", "20CF2AD2EFF7DE6AD8F93586D48E59262F447700FFF48E5E610099B41CEE05B7", "2386F1AB0413EEF3A8C299A357E7BB8AB76A40C4C355F7A3F8BB00B41DA6A965", "23CDFC767B1F8B0922BC72249E18F4BE7A23A2D5C6AAF52840D8298A30852894", "24C0E8E0827CB2EBE6605DAAFD5EE0194B719538B16C6998A82844CB71B50C7E", "25465AE304B2A76CEF5AAA7B2ED23C6230565ED22DF8525A608DE70FB394D75E", "257282661EC40294AA6CD7D16D142C7D834B7703E989C3E4C143A5B9AF27C918", "26C2D2D50BF66B18D568B39D5C0159D92777EF3637170739E97769DB93D44C46", "276311EA26EA41FBAE81DFB3042788416A0F2799192780CD6BCD5F7081C47F5C", "2A3BE29C61AB5C206E51A18D7963A9C32350407C526C2B7F696349BA022B924F", "2B3C9C8FEB87062CB2249D828A603478C6CE6A6307CF7103B8825D9FE81CAD3A", "2BD4C17835FEE75B5DD82D43E16DF6D6AFA1DE77CB24213DFD8CE6D73C92BEDD", "2EA2C9FAC993C6AEC32EA8F89FBD4374B89508FE14BFE1942351C36F204DE9B5", "2FE97BC0DB8A3B1BCF85FF8F69828770D4396C7CC3ABD37202D8089D2CADF87B", "31D7DCC8D683A82E44671DA5A38CDC1A58877727926C937FE8D9FD9EE9FD2370", "3338DC95220D2E7488A5EECF8C3CB0E737C1D3739387EC9FA725E0249DD8FB24", "3406F3BF171E35059DD6F774A38295A04425479DF9DD7838A3961F77179002A0", "34A4E9094B63E95B04667FF24314DB81C77972919C797EFDEBE3C15AA4A5A38A", "35774A12657731256610BEB1ACB2AE99C105060354AA560F82DED28AE65A8B24", "38B9D897011CEB670EAF1E1AB11DB01D2C8CE3AA7925078CA13A859E05628FF8", "3B8955E90A75DA2251988CD12D1FDBE7CE404EE0628540DC232E613A0739B512", "3C024BED98983358FC2A70F4FA5AF823CC21E61763DB444AC2404D2ECDECB070", "3E6B657C015C16954B98859793FD033350A73E948A9B34DC9CE852E2232B7B0D", "3E7BCC3A39D1CFB4F6C570A1E4A32EF1E9BE12345C73F5DE9BC3800C3339BDEA", "3F7BC56A1EE56FBC05AFCAA58E192701847D074F84491EA17BBE64F5C9B050D5", "3F8BFA161D8ACAADC208317BA26AAC30EE1793F948D454DB7BC13F5155B44393", "3FC31A2CC7ABF7DA1885EE97783B9D04AD2C6EF31E7B2B06895F95DAD4550593", "4029D42CC914504E09EE100B22AC6776680410A3D499885D657894142CD104C8", "413EFD2051B06CEFCDFB6A85E56D412853059B72C27BDAC4B5D06E384C0A787D", "418A4C8D1E8F2E8A923DFE2C36570B4A5EF7B515E050C0F19513AF3DAE7D2628", "41CB9666A88AE67D4A0558674B8CFDA62F160B6DDCBA3C10576515447887CF12", "41DF23CE2735413DAB9CB5FEC88B4F08F99AD02C93EA5246E5E57959ACBB4A3D", "43889098AF27B56E1AAC2C0ADC87D15751A2B0CCE3BF25260E32BBE3CCA7CE93", "441A6459C1CBE843EDD7F5C4D862AA7C6F90584EA901F82EF1B6D31B418078EB", "44289E9AFA262B32B9B340C2E5063B6A6A7C857ECC454752758C62450EDDB5A1", "46F19B07C11D71E357D28FD4B0BFDE347B5C2272A359685427860584D313AC3E", "470748236CF687BBC17C70DFCCF5107CED7FA6CB57B3A02A0A94855B02E20BF9", "47274321AA3430917FC9FF88F99229CD7614CD6268ABCD535250486839A8D636", "4A7D85E877988216F11AD7DDC8ECED1B05CB1AA44C219D2D2283330DE7E7E1B0", "4BEC8E9463E4B27C09D4E3ECF5C98A9E0D6D193C06E6EFC3DEDB9F41368D7DC0", "4CE6EF5A931E1DD71173744E63FA5B598713F2EB1EFE22E55E4D35D7659268AA", "4D42AAA4F789C7D1BA65614CE73F72CA7B880E7B175E5E14A5BA53020528C9D9", "4E2A0891FC6A9216C5F9B6391FCCE631A5FCFCA9CD4485D154F09E66D094E86B", "4EC41687F6C702A06FF4722B6E37F3C645729920B78D22B770E171A0DB12CB76", "4EC468925EC1B01AC3E2235FC9136746880477512CE0A8130EE536AD1AADBEA0", "4EEA40866A50FD47B88CDEDFE5D4501E3C595A076C9874F03873B7D7BEC2B0F8", "4F441F1EC2D2D7EA1D9033E689E8C62FE264F17CF627C618EF574955EF8C49D0", "5100AC8D5E4B9B2820C8E97CB99708D3E6DA55A8125242DB99536FD592D317C2", "511182968CEDB172B8730661A03A2F4C78BA383091EEAD7D8936E457AE6A6443", "516E060FEEF277A36D6526C4E424F4FB4783A65B1BFD619BAE759477F50DF1B7", "521FBC3140A9184ACD54DB259B5C982B7555628E6C09A54B0ED31625D877719A", "54E686FBB2E60A0BDEAB59EFECEB36D61C77A784661FD44124BD8864158EE317", "552FD8E250C33622C92D4D81FCFD993060B032D714D05723F83EB943297F3CBD", "5607CF6D04DD77CB50570F4969F7B3DEFF1BEAE93F9CF5B5355BBD8D2BA6EA96", "570AF6CDC4F7E864E6852EBD03923041C13A884B424AC254820AD0EEB73694DF", "574FC031AF9B64FDFC8B0BF65E22355456EDFA4CF1ECE74E592CA6972407F30F", "582F96446333EB82A24A0C13191C208F7E940B6AE34B504E8FD5A296160793B6", "59946594D28C648E752D9B3112813E0DAE07898115252275BADA78A6AE51C8E7", "59A24344B16F41FDA29E13AC82F85E48C72A67AD619672DE0CAC8898427FEE09", "5A059C8C765B3BD7663468604398174B5ED506196CEFCE6A8AC2239051C813B4", "5A357128639E00EE0774B3D2597A839328E9DE84359137CFEFE888228A113067", "5ED570DDC2DC18EDBE3A6F896450F75892C392B6E12D967BD6C8F6E5EB0809E5", "61FF6F10F0D76277F85A8A525D2C9989283AB04F3D830BEC0894CE78DF0624A3", "628CB36753883231031D529A86E264092FF7A5CF21319F4F245464EF4C4FB0BA", "6333F0A32398D30524C10CF8627B6258A5C4483AF088DB24CBDE988CA4E126E6", "644A8D20EA5C122A543FD2875F814F29458A670A8F81310C4182A6D4DD814E43", "647A7AB345F655E164F4C0AB87C5729F0821EA62A0208C6067C65D31362414A2", "64ADFD088203597B59C398AB3DEF28DC4F72D37A4C48C7FA81C6531EDA6A9877", "660F79D7F9C6524A14DF2940CF8DA166E39FBB028D628CAF3FD232455DB9F4DC", "67521096E2499B8DA87859FF51DB33A2152163398E0849BDD3366F9B6EE2B17F", "68A2A52B486DE856D9D7DEBE2A73EF9375AF2AD3DE794F39D2969903EBA03921", "68F0C3AC29EEC11A1B3683CC670DBB84880DD11F8968A7B69BF67C664E520FCE", "69C147CB642B39AA3250947FC1868ED542CC9C2C3BED4BA821CAD9BA0F178E84", "69FB72CCB8D5FCC39004FA966C700C2C3FAC030FB41B36D5BE112D01469B6B39", "6A8FB2890AF2EBFB497D7D6CCC198FF3FF0E22BD184AAB460E05F9B5E0B6A4DF", "6AC8F8C50686802A05555281D5D05D5AB8997C027EADF699A3A6C4352B28516B", "6B6F13479A05023E8BD2B97E73C4B7C00B578E9CADB70B9A72B008E52DFDECB7", "6CFEA65AF68FE49C29265727A9FD2E01141DBC6B1625D7E5D920D91E7FA200ED", "6DF9AFE7279E82CAE8ADD0F98C4AD5550237D2F9C298E1A2E25298339AD86616", "70A244D2ACF5F54C8A00B80F18E4E6BBB5679FDC6B106AC69D24FEF5900799DB", "71525D0BC11FF3C2AE36A5A8748786A694B3AD31C21D312B76C386103E66D0D0", "731A6DDD5325438B0FCA3D1B2CA7C8881C1A425221911E3EF5FB3283E134B7EA", "7463232BD9391B70113F6779133DEEDF82C2F9FB5E2F9C9C4D0363B332E72184", "764590A4B9E47D7E86F4E1AD3CAA72AF8E48B738F1667323140B928C6A564E13", "7723E7232CDF38CAF6FB9BEBC720727705544B73B826D4C481C2D54FB681768E", "77A28093327290BEEC30BA0FD258343ECA5E3AFE8F5CC46CBAE8878B49FB78B9", "788251FD7397EDDA8B4E4DF8AACBE1D142303877A23213E980EDE042998B46CF", "7919E76DC5CE31A56A0E93B591BD3CB39E66143F03461956DE710B67CE8915A2", "7A8DF41BD76EC438451409A025AAD65BC78A02087B1DD7CD7F2F435E28BE86C0", "7AD0D7DF266CE4E3E8403D1010B4839400C3FF375189EB64CF4D3D9C52368CA5", "7B05B840ACCC17A8D2E2D9B0FD2D6480FB03A9408D40E605B8310E82A4503F00", "7CFD15481B10EF25CA2897D79DF5E964CCBF6F259DAF4C8B56677086A6FA579A", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "7E205D800AB18A96BD27F24CEEB0EC122AB67AF1B8DFC2D59B51318767675512", "7F8E6554F6DA398AA724606DE234AF7EF09A532D4299A3D1BE71DF4204B3FCF6", "81D5F6F41E5617EDA7FF694BBE43496FC48B7577BB4C9C238127ECCCB1D40118", "8275C3B123771E721297381D0F66E5CCB99C5D5EA14F12413C6DF109D950665B", "8507B058C81047318472EE4CA22600AD2B6A70184CB90B2496F848C8119E7F48", "867F57E644CA0B9EBAE8F6B4AF3E43E47039153C5F0CFE46A8DE2A9C5715A892", "870BEA847DD424799963E5867DAF74D2ED3D95FA2CBB891A7AF0D330D30A7BBC", "88030D4F1517AC9EC8202290C87E6CA9AE0FE862783A643A8EA37C2CBB13C39A", "89B069E991BD00EAC14F399834EE2BC60C62E828E55A6A24AFFA5A3369CC3023", "8B2AA49114B0E5F7D2BB4B82734BAD2524EA50B29A1FE570A4CBAEC23A3CFD3A", "8C2C4E2C0A521DE5440EB6823B48F550EFFAC9F2827DC45DF361442B5CC5D8BF", "8C93F64EB942B89C85FD3B80A9DC2CFE179B0438AABE15445B3E18014CA9F419", "8CA61ED519AF8D2C40AF34E194E5D7262B3105E9EF9837DC95F346629FF6328D", "8EFB8A654D3536DD4481500A7680D75E0B2A04D2F63C829CAE130B12A35D7ED3", "8F439D371F020F07BE9A6CE8CDFA373E8641695C767204EF55652E3E6187D4FF", "90246D34A2A9EC4005A1B788C09D0DF4366E66BC9D5DC5A39EEF5286DE79E161", "91276D3C2731F3DA4DD452E951C9FDEE291112FDC8F824C89A17FB705CD2BB08", "938B27E41A5FB45C2E428DDD55ACB1346901CC6F33F5B67B4257EF415A10F64E", "942E8FACD0350ED3215EB9DD3629B360E18E87D3ABD165831163EDE9AAB16C21", "948BCC9F22A9E406D5CD799F6EF0E00FD425491AC80A0EEC98CF827FE115B33E", "9637EBA6484BD28F500A4FB042427C33540202FCFEE1C248C5FC5C788BB997D1", "97843D709F3A1D21B079AF090609D06C8232BD6B0AF9C686DC60FF6355F3EF04", "9987E875C9C70BDC98BBCFA96D1053320128B489B65C198738DCE478B17F732F", "9A96669F651314B055987343933B2F58BB66C71D7B13E3E61735C74B9F85DCFD", "9C281E51011593E8EEB75C9B2ABA710432CC18DBD8E16DE56F7985BD8E4C1BBB", "9D10729AB8873D23F2244363D8A1DDDC6F4683B3420052FC513112D30B8E6FC8", "9D4EC30B388B671B00F0D192ACD964A17D2BA337E5388809BC8935D15D6F2731", "9D70765425B02FB4212DD4D5C134270A48CF65000E4A833405DF290005C5A2AB", "9EF402A843CFBDB359E8B74AAD869683BC0B3E2869ACDA8CA89782199936D069", "A14074B63DD301417E9DF0F0CA920DF28041AE6FB1B473141F78ECFEA97F3165", "A2457C3A7B20059C90A8B0A06C0058C69C62F582C42EE25EB0BD86681744A856", "A2924B4DE05BD5A9DE02BD29915404543555C0C4AAE9016A5C570D5EE0CB6EA6", "A364D6B382E97F9FDC09D590395E985715FD9927D26F193255B81A2C9A6502FE", "A39A2E00B5BABE0243F9671D1FBE1DA3F18A76F8A4B8F40C5F0A37733F567181", "A49FC03081B73A65E6CCF013015154811700EB0AF3A788F88F0A2DD80E7DDB14", "A5BDBA48582E84D9D511148A7D6686E035238126382034F25D0DE3123B69FAB0", "A770E87B78A1CE76903B4B233716D0607AFD01AE39801385CB61B30131C7ACC5", "A815FD0F021F6B36A999CA38395A5624B6819141FD5DB5CE993819C2A28DEDE9", "AA14C55AF4A5BFC3A22C9FAA8B34E0E1647B4C350DBEC1C6DC6BB8AF16DDF7F3", "AB2CF025F88364491DAD8A893B4FFE876A0EA1219780AEE35EB01D3E77543556", "ABB58FF03A23448F4007C7227B9BE116510A9CF8F94DECF7B6FBC544ED80F9B9", "AC5DE01326AFA37CBA7F799502684F57AF3D9271EC49734648DB7797522AF2E8", "ACDFCA5E93908C1CC35E54B4EF854ED57BCD6CD2641A3590CD2418E8BCA917EA", "AD33C8416886BAB2F73A27CEC866FC53237919C38EA90303DC32F930AE4BF0E5", "AE04C563BFD8D158A34D941FC591BA2027AA9CDF2814A2468DA20F6AF67AFEDE", "AE08D425BCFE92B07EA73E9098FF0CA5AE4F08C3C2A4E5A61A0379715335421E", "B3078CC20AA0193DE0BA1F24BF600DB307BF3971A7F9CDE1170DAADE21278824", "B3DD0049FD7B99420B4A63E0C41797B3151DBE19CEAF6FF15A08AD1D83EE117F", "B3F4AA1A1992E6D3190AE7943B4F2C3504BE89943C73FA50CD108D6F916DEA0B", "B4DB31CCF8E40133FFCB7AAD4CC25E72075DFB85202833FD1EA11B62061BBECA", "B5B6C4769983441433B811EF3AAED6CFC993849D42BC924ECF1CCA5E34838148", "B63E6539A425EB5AF33E03949CFE0D4340525E6C4EDC7F84EBBBB8743E8CB569", "BA2D0D9B1C88AA8F13B870348943574E037A169844D44BBF01DF458E3C5B564F", "BAA73579218EAF992EC9ED8D793E7E82890C87BD059F752A5C63A36CAA54386B", "BCCAA86BCC3B16C9C58E1F4717449CC03D19E983B5D795C29B0F4F2B70C2296D", "BD73CB304818422172D48F1453A9EBB4A928DE6BC130FF8EE26D6D8B3208D65E", "BDA1FEB928FD97925389C0FEA25449D97B8CDA5FCBA7D104AC84AA1F890A9E36", "C1504E0331CDD1C6C93994699BA298E6DF006D6E0CC8A8E4231997AD972A13FD", "C43D2CB156B7BD39FC113EAD22568306F95463D3E29CC3A697EB085F142533BB", "C633E3F919C9BCD1EAFB625FB054DC01CA44ECB316E9D13E7A22A44BF1FFF391", "C63F9049147CBF2ED4A200A30AAC47716B2DCF79A16C7EDB82A67B451E5E892D", "C7C90AE07B9F79A9EEF6608D4722926B0CCF2ECD1B095573CDC550F929B66111", "C7DD07DAD80496C03ABFD0EE55F04C1759F2915C9B0A8C1F66F87E8D2110B95B", "C7E6E453C17F0E572D59405DDE66A6D6FA0C82A2CA378C448ADA47660CFACEB5", "CADD0A9E8A680423FD0A81161E62A65738EA5B5EF30BB7A2C437B73EE05D82D8", "CC2BF4CDFC047D62DD6D8207BD01D3CD777CFBDECB9C4428A2F95ED023E765B6", "CCFD0AA6FE0B04D655CB682E840C88D56CFE6066B6B9B349560AFB2C6DFBCB00", "CEFB2CDD169330DA5EC688A529952C2E9694D94C3E8E4A50C9011E9A9F7FD71F", "D0934964E9B56702CBED525517F4EA576FF2F33A8BA6C800C34ECA9B7FE90236", "D0C8E5E0BEE4FABB79DB325BB83CABDE3FDAB4C4F1FED02D03D24818C3955365", "D1EE65B724C053B8C531DB8F905A57DF1D402D875E50E3E22DD86A5856E65A9D", "D3DCE49F85FE68AF51C5D2B463504D5A7870D422F5ACFC1E2C0DCB64F7543F5E", "D6A278AD53F24F8C2A141B0CE86714271C028E265EA5E488D59254EE85EA8F0B", "D7F9450F29ECF1B72AB048E5A558968899E4BEE842C11773BFB39A006F5D7D3A", "DCD796DE1A947454806F2895884984638159DBE1069CC9361C465D63D9525B4E", "E298AFAE6C10545EEFE2EDCB1E58ACEB81769C82FC173BB89206A046496B5501", "E4AF4AD51EF7B52C30AC56A83E532C18EBEF528DABCFCB69D2926CFA74BB2EFC", "E4EDC2FA169D0DA37CBCD0520BC305DF277DCFADF273F929C67930A8EE880A10", "E74C53C459F7FE1C89AE67FEC29B42B1B0BF95AA1A5FE3D3CA36BD71ABE75230", "E82785235072F5EF5FCC205CE14F01F22FB4483D23ECF18B1C4AED471927B7FC", "E8369E4F0706AD67E1935A667DD2E6F656DC66DBF75209AA618BDB625E1D75DA", "E9C1563BAEC9B59E1E748133D7FABB312739ADA716F044B1BE4F21A9D985F2B8", "EDBCE2D5797575D019533793BC0DBD438D1B65A6557C755729CCDB2B49BEFFB5", "EFD802732B0A15F67815EDD8850FB1C881B714B4A10FEC7A7699E0D6FA7B59C0", "F0C6BC6B6E0BCD2F79CA2CF94A9D9909AF0E9117B13EA219F0B9C650CC1C6C47", "F16FD84C4B2F4D34ED0A961E38B09E4BFCE8DADD88227D9261A9F8829EFFFA29", "F1F8948FCA4076A4D9EA00C245C24C85026801B4C2D5FBD680238B70B9CC5217", "F3A0AF7D427E6AED8E40B3D19585D93D61954607EC55F8F1D3E4A633C68E5576", "F4CA880341B94608CA96ABB2752E8B1E313AAF497D8551E7FBFF02076E793142", "F65F1D96E364841337F0770420AA39E180E57CF181628F15C7259D9D9A9E8BDD", "F6DF55755772C64F805CFF82BE910F9FAAF52E5BFBF9672BC2262F5BAF685976", "F7B0F41A9554E301160EFC5535E817D656638E60F300D17F359C5D0DFB4A3640", "F9ED99C3F4B2D868A3826BA34135EFCC7EF1978329C535488F23E6CF98DA913D", "FAD6BCE3854669364F5857A689BDF567210D8EAE3BCE59914324E9D66B2322E2", "FB0FED96F844946FA916BA96FE69D8FC255DE30F14533A361ECDC4784137B093", "FB560ADAD8B8B7DC96C7D8C44896E1B02161FC3E60AF0D61C67F028B73A7B908", "FB7B6E35D915B52C7BA312CAD9654CFF1BD017037BCC79FFFEB2D911AF77E8B6", "FBF04463FD979054AD645A3FD172D5826C3ABE6D6D2F80B590982B60B574F03D", "FC997E430CA6F9ABBD4EB243AB41B87FDFAEECD006170E1C3902E99B71679DE6", "FF9258C84F77D90D8E35398FC8C4B88BEFE7E858980922156E5765F89E6ECCA1", "FFF1414315350598A8A6CE2454488CEB6A6744EC626EE6D1B67444FD1CE73AAB"]}, {"type": "kaspersky", "idList": ["KLA11534"]}, {"type": "kitploit", "idList": ["KITPLOIT:8656177976839178440"]}, {"type": "mageia", "idList": ["MGASA-2019-0251", "MGASA-2020-0372", "MGASA-2020-0468", "MGASA-2021-0133", "MGASA-2021-0153"]}, {"type": "mscve", "idList": ["MS:CVE-2019-9512", "MS:CVE-2019-9514", "MS:CVE-2019-9518"]}, {"type": "myhack58", "idList": ["MYHACK58:62201995518"]}, {"type": "nessus", "idList": ["AL2_ALAS-2019-1272.NASL", "ALA_ALAS-2019-1270.NASL", "ARISTA_CVP_SA0043.NASL", "ARISTA_EOS_SA0043.NASL", "CENTOS8_RHSA-2019-2925.NASL", "CENTOS8_RHSA-2019-4269.NASL", "CENTOS8_RHSA-2019-4273.NASL", "CENTOS8_RHSA-2020-1644.NASL", "DEBIAN_DLA-1941.NASL", "DEBIAN_DLA-2109.NASL", "DEBIAN_DLA-2110.NASL", "DEBIAN_DLA-2111.NASL", "DEBIAN_DLA-2135.NASL", "DEBIAN_DLA-2153.NASL", "DEBIAN_DLA-2179.NASL", "DEBIAN_DLA-2270.NASL", "DEBIAN_DLA-2364.NASL", "DEBIAN_DLA-2365.NASL", "DEBIAN_DLA-2485.NASL", "DEBIAN_DSA-4503.NASL", "DEBIAN_DSA-4508.NASL", "DEBIAN_DSA-4520.NASL", "DEBIAN_DSA-4597.NASL", "DEBIAN_DSA-4669.NASL", "DEBIAN_DSA-4885.NASL", "EULEROS_SA-2019-1967.NASL", "EULEROS_SA-2019-2078.NASL", "EULEROS_SA-2021-1073.NASL", "F5_BIGIP_SOL01988340.NASL", "F5_BIGIP_SOL15320518.NASL", "F5_BIGIP_SOL50233772.NASL", "F5_BIGIP_SOL98053339.NASL", "FEDORA_2019-55D101A740.NASL", "FEDORA_2019-5A6A7BC12C.NASL", "FEDORA_2019-65DB7AD6C7.NASL", "FEDORA_2019-6A2980DE56.NASL", "FREEBSD_PKG_10E3ED8ADB7F11EA8BDF643150D3111D.NASL", "FREEBSD_PKG_41F4BAACBF7711E98D2F5404A68AD561.NASL", "FREEBSD_PKG_53CAF29B918011EDACBEB42E991FC52E.NASL", "FREEBSD_PKG_72A5579EC76511E980520028F8D09152.NASL", "FREEBSD_PKG_73B1E734C74E11E980520028F8D09152.NASL", "FREEBSD_PKG_9FBAEFB3837E11EAB5B4641C67A117D8.NASL", "FREEBSD_PKG_C97A940BC39211E9BB38000D3AB229D6.NASL", "JBOSS_EAP_RHSA-2019-4021.NASL", "JUNIPER_JSA11167.NASL", "KUBERNETES_1_15_3.NASL", "NEWSTART_CGSL_NS-SA-2021-0006_CONTAINERD_IO.NASL", "OPENSUSE-2019-2000.NASL", "OPENSUSE-2019-2056.NASL", "OPENSUSE-2019-2072.NASL", "OPENSUSE-2019-2085.NASL", "OPENSUSE-2019-2114.NASL", "OPENSUSE-2019-2115.NASL", "OPENSUSE-2019-2130.NASL", "ORACLELINUX_ELSA-2019-2726.NASL", "ORACLELINUX_ELSA-2019-2925.NASL", "ORACLELINUX_ELSA-2019-4269.NASL", "ORACLELINUX_ELSA-2019-4273.NASL", "ORACLE_ENTERPRISE_MANAGER_JUL_2020_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_OCT_2020_CPU.NASL", "ORACLE_NOSQL_CPU_APR_2021.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_APR_2020.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_JUL_2020.NASL", "ORACLE_RDBMS_CPU_JUL_2020.NASL", "ORACLE_WEBCENTER_PORTAL_CPU_APR_2021.NASL", "ORACLE_WEBCENTER_SITES_OCT_2021_CPU.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_JUL_2020.NASL", "REDHAT-RHSA-2019-2661.NASL", "REDHAT-RHSA-2019-2682.NASL", "REDHAT-RHSA-2019-2690.NASL", "REDHAT-RHSA-2019-2726.NASL", "REDHAT-RHSA-2019-2769.NASL", "REDHAT-RHSA-2019-2817.NASL", "REDHAT-RHSA-2019-2925.NASL", "REDHAT-RHSA-2019-3131.NASL", "REDHAT-RHSA-2019-3245.NASL", "REDHAT-RHSA-2019-3265.NASL", "REDHAT-RHSA-2019-3906.NASL", "REDHAT-RHSA-2019-4018.NASL", "REDHAT-RHSA-2019-4019.NASL", "REDHAT-RHSA-2019-4020.NASL", "REDHAT-RHSA-2019-4040.NASL", "REDHAT-RHSA-2019-4041.NASL", "REDHAT-RHSA-2019-4042.NASL", "REDHAT-RHSA-2019-4269.NASL", "REDHAT-RHSA-2019-4273.NASL", "REDHAT-RHSA-2020-0159.NASL", "REDHAT-RHSA-2020-0160.NASL", "REDHAT-RHSA-2020-0161.NASL", "REDHAT-RHSA-2020-0406.NASL", "REDHAT-RHSA-2020-0601.NASL", "REDHAT-RHSA-2020-0605.NASL", "REDHAT-RHSA-2020-0804.NASL", "REDHAT-RHSA-2020-0805.NASL", "REDHAT-RHSA-2020-0806.NASL", "REDHAT-RHSA-2020-1523.NASL", "REDHAT-RHSA-2020-1644.NASL", "REDHAT-RHSA-2020-2058.NASL", "REDHAT-RHSA-2020-2059.NASL", "REDHAT-RHSA-2020-2060.NASL", "REDHAT-RHSA-2020-2106.NASL", "REDHAT-RHSA-2020-2107.NASL", "REDHAT-RHSA-2020-2108.NASL", "REDHAT-RHSA-2020-2320.NASL", "REDHAT-RHSA-2020-2511.NASL", "REDHAT-RHSA-2020-2512.NASL", "REDHAT-RHSA-2020-2513.NASL", "REDHAT-RHSA-2020-2605.NASL", "REDHAT-RHSA-2020-3461.NASL", "REDHAT-RHSA-2020-3462.NASL", "REDHAT-RHSA-2020-3463.NASL", "REDHAT-RHSA-2020-3637.NASL", "REDHAT-RHSA-2020-3638.NASL", "REDHAT-RHSA-2020-3639.NASL", "REDHAT-RHSA-2020-3817.NASL", "REDHAT-RHSA-2020-4366.NASL", "REDHAT-RHSA-2021-1313.NASL", "SMB_NT_MS19_AUG_4511553.NASL", "SMB_NT_MS19_AUG_4512497.NASL", "SMB_NT_MS19_AUG_4512501.NASL", "SMB_NT_MS19_AUG_4512507.NASL", "SMB_NT_MS19_AUG_4512508.NASL", "SMB_NT_MS19_AUG_4512516.NASL", "SMB_NT_MS19_AUG_4512517.NASL", "SUSE_SU-2019-2213-1.NASL", "SUSE_SU-2019-2214-1.NASL", "SUSE_SU-2019-2254-1.NASL", "SUSE_SU-2019-2259-1.NASL", "SUSE_SU-2019-2260-1.NASL", "SUSE_SU-2020-0059-1.NASL", "UBUNTU_USN-4308-1.NASL", "UBUNTU_USN-4532-1.NASL", "UBUNTU_USN-4600-1.NASL", "UBUNTU_USN-4600-2.NASL", "UBUNTU_USN-6049-1.NASL", "WEBSPHERE_1288774.NASL", "WEB_APPLICATION_SCANNING_113005"]}, {"type": "nodejsblog", "idList": ["NODEJSBLOG:AUG-2019-SECURITY-RELEASES"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310143069", "OPENVAS:1361412562310704503", "OPENVAS:1361412562310704508", "OPENVAS:1361412562310704520", "OPENVAS:1361412562310704597", "OPENVAS:1361412562310704669", "OPENVAS:1361412562310815431", "OPENVAS:1361412562310815432", "OPENVAS:1361412562310815433", "OPENVAS:1361412562310815434", "OPENVAS:1361412562310815435", "OPENVAS:1361412562310815436", "OPENVAS:1361412562310815437", "OPENVAS:1361412562310844371", "OPENVAS:1361412562310852683", "OPENVAS:1361412562310852691", "OPENVAS:1361412562310852697", "OPENVAS:1361412562310852699", "OPENVAS:1361412562310852847", "OPENVAS:1361412562310852848", "OPENVAS:1361412562310852903", "OPENVAS:1361412562310876715", "OPENVAS:1361412562310876717", "OPENVAS:1361412562310876757", "OPENVAS:1361412562310876760", "OPENVAS:1361412562310876892", "OPENVAS:1361412562310876912", "OPENVAS:1361412562310876991", "OPENVAS:1361412562310877499", "OPENVAS:1361412562310891941", "OPENVAS:1361412562310892109", "OPENVAS:1361412562310892110", "OPENVAS:1361412562310892111", "OPENVAS:1361412562310892135", "OPENVAS:1361412562310892153", "OPENVAS:1361412562310892179", "OPENVAS:1361412562310892270", "OPENVAS:1361412562311220191967", "OPENVAS:1361412562311220192078"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2020", "ORACLE:CPUAPR2021", "ORACLE:CPUAPR2022", "ORACLE:CPUJAN2020", "ORACLE:CPUJAN2021", "ORACLE:CPUJUL2020", "ORACLE:CPUJUL2021", "ORACLE:CPUOCT2020", "ORACLE:CPUOCT2021", "ORACLE:CPUOCT2022"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-2726", "ELSA-2019-2925", "ELSA-2019-4269", "ELSA-2019-4273", "ELSA-2019-4816", "ELSA-2020-0348", "ELSA-2020-0579", "ELSA-2020-1317", "ELSA-2020-1379", "ELSA-2020-1926", "ELSA-2020-3053", "ELSA-2021-0705"]}, {"type": "osv", "idList": ["OSV:DLA-1941-1", "OSV:DLA-2109-1", "OSV:DLA-2110-1", "OSV:DLA-2111-1", "OSV:DLA-2135-1", "OSV:DLA-2153-1", "OSV:DLA-2179-1", "OSV:DLA-2270-1", "OSV:DLA-2364-1", "OSV:DLA-2365-1", "OSV:DLA-2485-1", "OSV:DSA-4503-1", "OSV:DSA-4508-1", "OSV:DSA-4520-1", "OSV:DSA-4597-1", "OSV:DSA-4669-1", "OSV:DSA-4885-1", "OSV:GHSA-27XJ-RQX5-2255", "OSV:GHSA-32GV-6CF3-WCMQ", "OSV:GHSA-39QC-96H7-956F", "OSV:GHSA-42F2-F9VC-6365", "OSV:GHSA-4W82-R329-3Q67", "OSV:GHSA-58P8-9G59-Q2HR", "OSV:GHSA-58PP-9C76-5625", "OSV:GHSA-5P34-5M6P-P58G", "OSV:GHSA-64X2-GQ24-75PV", "OSV:GHSA-758M-V56V-GRJ4", "OSV:GHSA-8HXH-R6F7-JF45", "OSV:GHSA-95CM-88F5-F2C7", "OSV:GHSA-9QCF-C26R-X5RF", "OSV:GHSA-9VVP-FXW6-JCXR", "OSV:GHSA-C265-37VJ-CWCC", "OSV:GHSA-C2Q3-4QRH-FM48", "OSV:GHSA-CQQJ-4P63-RRMM", "OSV:GHSA-F93P-F762-VR53", "OSV:GHSA-FF2W-CQ2G-WV5F", "OSV:GHSA-FQWF-PJWF-7VQV", "OSV:GHSA-GWW7-P5W4-WRFV", "OSV:GHSA-H4RC-386G-6M85", "OSV:GHSA-J229-2H63-RVH9", "OSV:GHSA-J823-4QCH-3RGM", "OSV:GHSA-MM9X-G8PC-W292", "OSV:GHSA-P2V9-G2QV-P635", "OSV:GHSA-P43X-XFJF-5JHR", "OSV:GHSA-P979-4MFW-53VG", "OSV:GHSA-Q93H-JC49-78GG", "OSV:GHSA-RF6R-2C4Q-2VWG", "OSV:GHSA-V3XW-C963-F5HC", "OSV:GO-2022-0536"]}, {"type": "photon", "idList": ["PHSA-2022-4.0-0298", "PHSA-2023-3.0-0545", "PHSA-2023-3.0-0564", "PHSA-2023-4.0-0362"]}, {"type": "redhat", "idList": ["RHSA-2019:2594", "RHSA-2019:2661", "RHSA-2019:2682", "RHSA-2019:2690", "RHSA-2019:2726", "RHSA-2019:2766", "RHSA-2019:2769", "RHSA-2019:2796", "RHSA-2019:2817", "RHSA-2019:2861", "RHSA-2019:2925", "RHSA-2019:2939", "RHSA-2019:2955", "RHSA-2019:2966", "RHSA-2019:3131", "RHSA-2019:3245", "RHSA-2019:3265", "RHSA-2019:3892", "RHSA-2019:3901", "RHSA-2019:3906", "RHSA-2019:4018", "RHSA-2019:4019", "RHSA-2019:4020", "RHSA-2019:4021", "RHSA-2019:4040", "RHSA-2019:4041", "RHSA-2019:4042", "RHSA-2019:4045", "RHSA-2019:4269", "RHSA-2019:4273", "RHSA-2019:4352", "RHSA-2020:0159", "RHSA-2020:0160", "RHSA-2020:0161", "RHSA-2020:0164", "RHSA-2020:0406", "RHSA-2020:0445", "RHSA-2020:0497", "RHSA-2020:0556", "RHSA-2020:0567", "RHSA-2020:0601", "RHSA-2020:0605", "RHSA-2020:0606", "RHSA-2020:0727", "RHSA-2020:0804", "RHSA-2020:0805", "RHSA-2020:0806", "RHSA-2020:0811", "RHSA-2020:0824", "RHSA-2020:0922", "RHSA-2020:0939", "RHSA-2020:0951", "RHSA-2020:0983", "RHSA-2020:1422", "RHSA-2020:1445", "RHSA-2020:1523", "RHSA-2020:1538", "RHSA-2020:1644", "RHSA-2020:2058", "RHSA-2020:2059", "RHSA-2020:2060", "RHSA-2020:2061", "RHSA-2020:2067", "RHSA-2020:2106", "RHSA-2020:2107", "RHSA-2020:2108", "RHSA-2020:2112", "RHSA-2020:2252", "RHSA-2020:2320", "RHSA-2020:2321", "RHSA-2020:2333", "RHSA-2020:2511", "RHSA-2020:2512", "RHSA-2020:2513", "RHSA-2020:2515", "RHSA-2020:2565", "RHSA-2020:2605", "RHSA-2020:2618", "RHSA-2020:2751", "RHSA-2020:2813", "RHSA-2020:2905", "RHSA-2020:3133", "RHSA-2020:3192", "RHSA-2020:3197", "RHSA-2020:3247", "RHSA-2020:3461", "RHSA-2020:3462", "RHSA-2020:3463", "RHSA-2020:3464", "RHSA-2020:3501", "RHSA-2020:3585", "RHSA-2020:3626", "RHSA-2020:3637", "RHSA-2020:3638", "RHSA-2020:3639", "RHSA-2020:3642", "RHSA-2020:3779", "RHSA-2020:3817", "RHSA-2020:4252", "RHSA-2020:4366", "RHSA-2020:5568", "RHSA-2020:5625", "RHSA-2021:1313", "RHSA-2021:3140"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-12406", "RH:CVE-2019-12423", "RH:CVE-2019-13990", "RH:CVE-2019-16869", "RH:CVE-2019-17573", "RH:CVE-2019-20330", "RH:CVE-2019-20444", "RH:CVE-2019-20445", "RH:CVE-2019-9512", "RH:CVE-2019-9514", "RH:CVE-2019-9515", "RH:CVE-2019-9518", "RH:CVE-2020-10672", "RH:CVE-2020-10673", "RH:CVE-2020-10968", "RH:CVE-2020-10969", "RH:CVE-2020-11111", "RH:CVE-2020-11112", "RH:CVE-2020-11113", "RH:CVE-2020-11612", "RH:CVE-2020-11619", "RH:CVE-2020-11620", "RH:CVE-2020-13954", "RH:CVE-2020-14060", "RH:CVE-2020-14061", "RH:CVE-2020-14062", "RH:CVE-2020-1718", "RH:CVE-2020-7238", "RH:CVE-2020-8840", "RH:CVE-2020-9546", "RH:CVE-2020-9547", "RH:CVE-2020-9548"]}, {"type": "rocky", "idList": ["RLSA-2019:2925", "RLSA-2019:4269", "RLSA-2019:4273", "RLSA-2020:1644"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2000-1", "OPENSUSE-SU-2019:2056-1", "OPENSUSE-SU-2019:2072-1", "OPENSUSE-SU-2019:2085-1", "OPENSUSE-SU-2019:2114-1", "OPENSUSE-SU-2019:2115-1", "OPENSUSE-SU-2019:2130-1"]}, {"type": "symantec", "idList": ["SMNTC-109636", "SMNTC-109637", "SMNTC-109639"]}, {"type": "talosblog", "idList": ["TALOSBLOG:F543D5FEAB2BB1C90B9699F8AE8757F4"]}, {"type": "thn", "idList": ["THN:F6202F3C31F7C788D1830F976D0B2464"]}, {"type": "threatpost", "idList": ["THREATPOST:28F667D81C6074266934A97C7BE4DE9B"]}, {"type": "ubuntu", "idList": ["USN-4308-1", "USN-4532-1", "USN-4600-1", "USN-4600-2", "USN-4813-1", "USN-4866-1", "USN-6049-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-13990", "UB:CVE-2019-16869", "UB:CVE-2019-20330", "UB:CVE-2019-20444", "UB:CVE-2019-20445", "UB:CVE-2019-9512", "UB:CVE-2019-9514", "UB:CVE-2019-9515", "UB:CVE-2019-9518", "UB:CVE-2020-10672", "UB:CVE-2020-10673", "UB:CVE-2020-10968", "UB:CVE-2020-10969", "UB:CVE-2020-11111", "UB:CVE-2020-11112", "UB:CVE-2020-11113", "UB:CVE-2020-11612", "UB:CVE-2020-11619", "UB:CVE-2020-11620", "UB:CVE-2020-14060", "UB:CVE-2020-14061", "UB:CVE-2020-14062", "UB:CVE-2020-7238", "UB:CVE-2020-8840", "UB:CVE-2020-9546", "UB:CVE-2020-9547", "UB:CVE-2020-9548"]}, {"type": "veracode", "idList": ["VERACODE:21424", "VERACODE:21426", "VERACODE:21427", "VERACODE:21582", "VERACODE:21594", "VERACODE:21926", "VERACODE:22246", "VERACODE:22317", "VERACODE:22319", "VERACODE:22406", "VERACODE:22411", "VERACODE:22420", "VERACODE:22481", "VERACODE:22529", "VERACODE:22620", "VERACODE:22621", "VERACODE:22622", "VERACODE:22752", "VERACODE:22753", "VERACODE:22802", "VERACODE:22813", "VERACODE:22905", "VERACODE:22908", "VERACODE:22967", "VERACODE:22978", "VERACODE:22981", "VERACODE:25392", "VERACODE:25450", "VERACODE:25679", "VERACODE:25680", "VERACODE:25681"]}]}, "score": {"value": 0.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "almalinux", "idList": ["ALSA-2019:2925"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2019-9512", "ALPINE:CVE-2019-9515"]}, {"type": "amazon", "idList": ["ALAS-2019-1270", "ALAS2-2019-1272"]}, {"type": "apple", "idList": ["APPLE:B7EC2E92CBEF4481D5F2735898CA5FE4", "APPLE:HT210436"]}, {"type": "archlinux", "idList": ["ASA-201908-15", "ASA-201908-16"]}, {"type": "atlassian", "idList": ["ATLASSIAN:JRASERVER-70971"]}, {"type": "attackerkb", "idList": ["AKB:8AA21692-1900-4944-98AB-BEC257302198"]}, {"type": "cert", "idList": ["VU:605641"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2020-1346"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:7430089B5BD03FDE67C945B0672A675E"]}, {"type": "cve", "idList": ["CVE-2019-13990", "CVE-2019-16869", "CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9518", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11612", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-1718"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1941-1:FEB61", "DEBIAN:DLA-2153-1:D5ADC", "DEBIAN:DLA-2179-1:DDD4A", "DEBIAN:DSA-4503-1:6B94A", "DEBIAN:DSA-4508-1:2E656", "DEBIAN:DSA-4520-1:26CCF", "DEBIAN:DSA-4597-1:11183", "DEBIAN:DSA-4669-1:2AD2E"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-13990", "DEBIANCVE:CVE-2019-20330", "DEBIANCVE:CVE-2019-9512", "DEBIANCVE:CVE-2019-9514", "DEBIANCVE:CVE-2019-9515", "DEBIANCVE:CVE-2020-10672", "DEBIANCVE:CVE-2020-10673", "DEBIANCVE:CVE-2020-10968", "DEBIANCVE:CVE-2020-10969", "DEBIANCVE:CVE-2020-11111", "DEBIANCVE:CVE-2020-11112", "DEBIANCVE:CVE-2020-11113", "DEBIANCVE:CVE-2020-11619", "DEBIANCVE:CVE-2020-11620", "DEBIANCVE:CVE-2020-14060", "DEBIANCVE:CVE-2020-14061", "DEBIANCVE:CVE-2020-14062", "DEBIANCVE:CVE-2020-8840", "DEBIANCVE:CVE-2020-9546", "DEBIANCVE:CVE-2020-9547", "DEBIANCVE:CVE-2020-9548"]}, {"type": "f5", "idList": ["F5:K01988340", "F5:K15320518", "F5:K46011592", "F5:K50233772", "F5:K98053339"]}, {"type": "fedora", "idList": ["FEDORA:05AFB3091421", "FEDORA:0C9226047329", "FEDORA:5869F62F1007", "FEDORA:691DA613FFAA", "FEDORA:976B760CEC41", "FEDORA:BDA8C6056EF5", "FEDORA:BDC9D3090DB1", "FEDORA:CCB9960F3CBA", "FEDORA:D307A6040ED0", "FEDORA:E5C91604A708"]}, {"type": "fortinet", "idList": ["FG-IR-19-225"]}, {"type": "freebsd", "idList": ["10E3ED8A-DB7F-11EA-8BDF-643150D3111D", "41F4BAAC-BF77-11E9-8D2F-5404A68AD561", "72A5579E-C765-11E9-8052-0028F8D09152", "73B1E734-C74E-11E9-8052-0028F8D09152", "9FBAEFB3-837E-11EA-B5B4-641C67A117D8", "C97A940B-C392-11E9-BB38-000D3AB229D6"]}, {"type": "github", "idList": ["GHSA-27XJ-RQX5-2255", "GHSA-42F2-F9VC-6365", "GHSA-58P8-9G59-Q2HR", "GHSA-58PP-9C76-5625", "GHSA-5P34-5M6P-P58G", "GHSA-758M-V56V-GRJ4", "GHSA-95CM-88F5-F2C7", "GHSA-9VVP-FXW6-JCXR", "GHSA-F93P-F762-VR53", "GHSA-FQWF-PJWF-7VQV", "GHSA-H4RC-386G-6M85", "GHSA-P43X-XFJF-5JHR", "GHSA-P979-4MFW-53VG", "GHSA-Q93H-JC49-78GG", "GHSA-RF6R-2C4Q-2VWG", "GHSA-V3XW-C963-F5HC"]}, {"type": "githubexploit", "idList": ["3A4AAB02-CCAA-51EA-8324-41D2F506E5A2", "3BE6C242-DF61-5FB1-AF29-941FEF80A127", "5EDF02C1-5DDC-5B0E-BF23-677048091107"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20200610-01-FASTJASON"]}, {"type": "ibm", "idList": ["057F23DB71C72978E8CCF4A7BDE90605082E47A058ABF70F5C21BAD102DCB0FA", "1A7668E81452E83AB00678328095567DA17543F8BDE6DB1EE678E96C5B064FD6", "3C024BED98983358FC2A70F4FA5AF823CC21E61763DB444AC2404D2ECDECB070", "3E7BCC3A39D1CFB4F6C570A1E4A32EF1E9BE12345C73F5DE9BC3800C3339BDEA", "43889098AF27B56E1AAC2C0ADC87D15751A2B0CCE3BF25260E32BBE3CCA7CE93", "4CE6EF5A931E1DD71173744E63FA5B598713F2EB1EFE22E55E4D35D7659268AA", "644A8D20EA5C122A543FD2875F814F29458A670A8F81310C4182A6D4DD814E43", "69FB72CCB8D5FCC39004FA966C700C2C3FAC030FB41B36D5BE112D01469B6B39", "77A28093327290BEEC30BA0FD258343ECA5E3AFE8F5CC46CBAE8878B49FB78B9", "7B05B840ACCC17A8D2E2D9B0FD2D6480FB03A9408D40E605B8310E82A4503F00", "9D10729AB8873D23F2244363D8A1DDDC6F4683B3420052FC513112D30B8E6FC8", "BD73CB304818422172D48F1453A9EBB4A928DE6BC130FF8EE26D6D8B3208D65E", "C7C90AE07B9F79A9EEF6608D4722926B0CCF2ECD1B095573CDC550F929B66111", "E82785235072F5EF5FCC205CE14F01F22FB4483D23ECF18B1C4AED471927B7FC", "FBF04463FD979054AD645A3FD172D5826C3ABE6D6D2F80B590982B60B574F03D"]}, {"type": "kaspersky", "idList": ["KLA11534"]}, {"type": "kitploit", "idList": ["KITPLOIT:8656177976839178440"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/DEBIAN-CVE-2020-7238/"]}, {"type": "mscve", "idList": ["MS:CVE-2019-9512", "MS:CVE-2019-9514", "MS:CVE-2019-9518"]}, {"type": "myhack58", "idList": ["MYHACK58:62201995518"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-2153.NASL", "DEBIAN_DLA-2179.NASL", "DEBIAN_DSA-4669.NASL", "FREEBSD_PKG_10E3ED8ADB7F11EA8BDF643150D3111D.NASL", "FREEBSD_PKG_9FBAEFB3837E11EAB5B4641C67A117D8.NASL", "JBOSS_EAP_RHSA-2019-4021.NASL", "JUNIPER_JSA11167.NASL", "KUBERNETES_1_15_3.NASL", "ORACLE_NOSQL_CPU_APR_2021.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_APR_2020.NASL", "ORACLE_WEBCENTER_PORTAL_CPU_APR_2021.NASL", "REDHAT-RHSA-2019-3906.NASL", "REDHAT-RHSA-2019-4018.NASL", "REDHAT-RHSA-2019-4019.NASL", "REDHAT-RHSA-2019-4020.NASL", "REDHAT-RHSA-2019-4040.NASL", "REDHAT-RHSA-2019-4041.NASL", "REDHAT-RHSA-2019-4042.NASL", "REDHAT-RHSA-2019-4269.NASL", "REDHAT-RHSA-2019-4273.NASL", "REDHAT-RHSA-2020-2106.NASL", "REDHAT-RHSA-2020-2107.NASL", "REDHAT-RHSA-2020-2108.NASL", "REDHAT_UPDATE_LEVEL.NASL", "UBUNTU_USN-4308-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704503", "OPENVAS:1361412562310704508", "OPENVAS:1361412562310704520", "OPENVAS:1361412562310704669", "OPENVAS:1361412562310815431", "OPENVAS:1361412562310815432", "OPENVAS:1361412562310815433", "OPENVAS:1361412562310815434", "OPENVAS:1361412562310815435", "OPENVAS:1361412562310815436", "OPENVAS:1361412562310815437", "OPENVAS:1361412562310844371", "OPENVAS:1361412562310852683", "OPENVAS:1361412562310852691", "OPENVAS:1361412562310852697", "OPENVAS:1361412562310852699", "OPENVAS:1361412562310876715", "OPENVAS:1361412562310876717", "OPENVAS:1361412562310876757", "OPENVAS:1361412562310876760", "OPENVAS:1361412562310876892", "OPENVAS:1361412562310876912", "OPENVAS:1361412562310876991", "OPENVAS:1361412562310891941", "OPENVAS:1361412562310892153", "OPENVAS:1361412562310892179"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2021"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-2726", "ELSA-2019-2925", "ELSA-2019-4816", "ELSA-2020-1317", "ELSA-2020-1379", "ELSA-2020-1926"]}, {"type": "redhat", "idList": ["RHSA-2019:2925", "RHSA-2020:1422", "RHSA-2020:1538"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-13954"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2000-1", "OPENSUSE-SU-2019:2056-1", "OPENSUSE-SU-2019:2072-1", "OPENSUSE-SU-2019:2085-1", "OPENSUSE-SU-2019:2114-1", "OPENSUSE-SU-2019:2115-1", "OPENSUSE-SU-2019:2130-1"]}, {"type": "symantec", "idList": ["SMNTC-109639"]}, {"type": "talosblog", "idList": ["TALOSBLOG:F543D5FEAB2BB1C90B9699F8AE8757F4"]}, {"type": "thn", "idList": ["THN:F6202F3C31F7C788D1830F976D0B2464"]}, {"type": "threatpost", "idList": ["THREATPOST:28F667D81C6074266934A97C7BE4DE9B"]}, {"type": "ubuntu", "idList": ["USN-4308-1", "USN-4532-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-16869", "UB:CVE-2019-20330", "UB:CVE-2019-20444", "UB:CVE-2019-20445", "UB:CVE-2019-9512", "UB:CVE-2019-9514", "UB:CVE-2019-9515", "UB:CVE-2019-9518", "UB:CVE-2020-10672", "UB:CVE-2020-10673", "UB:CVE-2020-10968", "UB:CVE-2020-10969", "UB:CVE-2020-11111", "UB:CVE-2020-11112", "UB:CVE-2020-11113", "UB:CVE-2020-11612", "UB:CVE-2020-11619", "UB:CVE-2020-11620", "UB:CVE-2020-14060", "UB:CVE-2020-14061", "UB:CVE-2020-14062", "UB:CVE-2020-7238", "UB:CVE-2020-8840", "UB:CVE-2020-9546", "UB:CVE-2020-9547", "UB:CVE-2020-9548"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2019-12406", "epss": 0.00245, "percentile": 0.61, "modified": "2023-05-07"}, {"cve": "CVE-2019-12423", "epss": 0.00239, "percentile": 0.60455, "modified": "2023-05-07"}, {"cve": "CVE-2019-13990", "epss": 0.00354, "percentile": 0.67753, "modified": "2023-05-07"}, {"cve": "CVE-2019-16869", "epss": 0.00633, "percentile": 0.75991, "modified": "2023-05-07"}, {"cve": "CVE-2019-17573", "epss": 0.00212, "percentile": 0.57744, "modified": "2023-05-07"}, {"cve": "CVE-2019-20330", "epss": 0.00463, "percentile": 0.71745, "modified": "2023-05-07"}, {"cve": "CVE-2019-20444", "epss": 0.00438, "percentile": 0.70991, "modified": "2023-05-07"}, {"cve": "CVE-2019-20445", "epss": 0.00169, "percentile": 0.52423, "modified": "2023-05-07"}, {"cve": "CVE-2019-9512", "epss": 0.19872, "percentile": 0.9556, "modified": "2023-05-07"}, {"cve": "CVE-2019-9514", "epss": 0.901, "percentile": 0.98251, "modified": "2023-05-07"}, {"cve": "CVE-2019-9515", "epss": 0.06467, "percentile": 0.92613, "modified": "2023-05-07"}, {"cve": "CVE-2019-9518", "epss": 0.00285, "percentile": 0.64025, "modified": "2023-05-07"}, {"cve": "CVE-2020-10672", "epss": 0.00743, "percentile": 0.7819, "modified": "2023-05-07"}, {"cve": "CVE-2020-10673", "epss": 0.00743, "percentile": 0.7819, "modified": "2023-05-07"}, {"cve": "CVE-2020-10968", "epss": 0.00366, "percentile": 0.68306, "modified": "2023-05-07"}, {"cve": "CVE-2020-10969", "epss": 0.00366, "percentile": 0.68306, "modified": "2023-05-07"}, {"cve": "CVE-2020-11111", "epss": 0.00366, "percentile": 0.68306, "modified": "2023-05-07"}, {"cve": "CVE-2020-11112", "epss": 0.00366, "percentile": 0.68306, "modified": "2023-05-07"}, {"cve": "CVE-2020-11113", "epss": 0.00366, "percentile": 0.68306, "modified": "2023-05-07"}, {"cve": "CVE-2020-11612", "epss": 0.00593, "percentile": 0.75137, "modified": "2023-05-07"}, {"cve": "CVE-2020-11619", "epss": 0.01379, "percentile": 0.84304, "modified": "2023-05-07"}, {"cve": "CVE-2020-11620", "epss": 0.01428, "percentile": 0.84549, "modified": "2023-05-07"}, {"cve": "CVE-2020-14060", "epss": 0.39335, "percentile": 0.9668, "modified": "2023-05-07"}, {"cve": "CVE-2020-14061", "epss": 0.02076, "percentile": 0.87373, "modified": "2023-05-07"}, {"cve": "CVE-2020-14062", "epss": 0.04035, "percentile": 0.90763, "modified": "2023-05-07"}, {"cve": "CVE-2020-1718", "epss": 0.0008, "percentile": 0.32931, "modified": "2023-05-07"}, {"cve": "CVE-2020-7238", "epss": 0.00506, "percentile": 0.73035, "modified": "2023-05-07"}, {"cve": "CVE-2020-8840", "epss": 0.0068, "percentile": 0.77029, "modified": "2023-05-07"}, {"cve": "CVE-2020-9546", "epss": 0.00527, "percentile": 0.73593, "modified": "2023-05-07"}, {"cve": "CVE-2020-9547", "epss": 0.00534, "percentile": 0.73742, "modified": "2023-05-07"}, {"cve": "CVE-2020-9548", "epss": 0.00527, "percentile": 0.73593, "modified": "2023-05-07"}], "vulnersScore": 0.2}, "_state": {"dependencies": 1685815302, "score": 1685806281, "epss": 0}, "_internal": {"score_hash": "2f7532dc2786c964bdaec3c1d754dd5a"}, "affectedPackage": [], "vendorCvss": {"severity": "important"}}

{"redhat": [{"lastseen": "2023-06-03T15:19:40", "description": "Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.\n\nThis release of Red Hat Process Automation Manager 7.8.0 serves as an update to Red Hat Process Automation Manager 7.7.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* commons-beanutils: apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers (CVE-2019-16869)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\n* netty: HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)\n\n* netty: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* netty: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* netty: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\n* cxf-core: cxf: does not restrict the number of message attachments (CVE-2019-12406)\n\n* cxf-core: cxf: OpenId Connect token service does not properly validate the clientId (CVE-2019-12423)\n\n* cxf-core: cxf: reflected XSS in the services listing page (CVE-2019-17573)\n\n* jackson-databind: lacks certain net.sf.ehcache blocking (CVE-2019-20330)\n\n* jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)\n\n* jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)\n\n* jackson-databind: Serialization gadgets in commons-jelly:commons-jelly (CVE-2020-11620)\n\n* jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)\n\n* jackson-databind: Serialization gadgets in javax.swing.JEditorPane (CVE-2020-10969)\n\n* jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider (CVE-2020-10968)\n\n* jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory (CVE-2020-11111)\n\n* jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider (CVE-2020-11112)\n\n* jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime (CVE-2020-11113)\n\n* jackson-databind: Serialization gadgets in org.springframework:spring-aop (CVE-2020-11619)\n\n* jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)\n\n* jackson-databind: serialization in com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (CVE-2020-14062)\n\n* jackson-databind: serialization in weblogic/oracle-aqjms (CVE-2020-14061)\n\n* jackson-databind: serialization in oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (CVE-2020-14060)\n\n* netty: compression/decompression codecs don't enforce limits on buffer allocation sizes (CVE-2020-11612)\n\n* quartz: libquartz: XXE attacks via job description (CVE-2019-13990)\n\n* keycloak: security issue on reset credential flow (CVE-2020-1718)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-07-29T06:17:46", "type": "redhat", "title": "(RHSA-2020:3197) Important: Red Hat Process Automation Manager 7.8.0 Security Update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10086", "CVE-2019-12406", "CVE-2019-12423", "CVE-2019-13990", "CVE-2019-16869", "CVE-2019-17573", "CVE-2019-20330", "CVE-2019-20444", "CVE-2019-20445", "CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9518", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11612", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-1718", "CVE-2020-7238", "CVE-2020-8840", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "modified": "2020-07-29T06:18:37", "id": "RHSA-2020:3197", "href": "https://access.redhat.com/errata/RHSA-2020:3197", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T15:19:41", "description": "The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API.\n\nSecurity Fix(es):\n\n* jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider (CVE-2020-10968)\n\n* jackson-databind: Serialization gadgets in javax.swing.JEditorPane (CVE-2020-10969)\n\n* jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory (CVE-2020-11111)\n\n* jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider (CVE-2020-11112)\n\n* jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime (CVE-2020-11113)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-04-21T11:44:53", "type": "redhat", "title": "(RHSA-2020:1523) Important: rh-maven35-jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113"], "modified": "2020-04-21T12:03:53", "id": "RHSA-2020:1523", "href": "https://access.redhat.com/errata/RHSA-2020:1523", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-03T15:19:31", "description": "Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.4.0 serves as a replacement for Red Hat Single Sign-On 7.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: missing input validation in IDP authorization URLs (CVE-2020-1727)\n\n* jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider (CVE-2020-10968)\n\n* jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory (CVE-2020-11111)\n\n* jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider (CVE-2020-11112)\n\n* jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime (CVE-2020-11113)\n\n* jackson-databind: Serialization gadgets in commons-jelly:commons-jelly (CVE-2020-11620)\n\n* jackson-databind: Serialization gadgets in org.springframework:spring-aop (CVE-2020-11619)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-12-17T16:36:27", "type": "redhat", "title": "(RHSA-2020:5625) Moderate: Red Hat Single Sign-On 7.4.0 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10968", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-1698", "CVE-2020-1727"], "modified": "2020-12-22T07:03:03", "id": "RHSA-2020:5625", "href": "https://access.redhat.com/errata/RHSA-2020:5625", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-03T15:19:39", "description": "Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project.\n\nThis release of Red Hat Data Grid 7.3.7 serves as a replacement for Red Hat Data Grid 7.3.6 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum.\n\nSecurity Fix(es):\n\n* jetty: Incorrect header handling (CVE-2017-7658)\n\n* EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)\n\n* undertow: AJP File Read/Inclusion Vulnerability (CVE-2020-1745)\n\n* undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass (CVE-2020-1757)\n\n* jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)\n\n* jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)\n\n* jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)\n\n* jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)\n\n* jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider (CVE-2020-10968)\n\n* jackson-databind: Serialization gadgets in javax.swing.JEditorPane (CVE-2020-10969)\n\n* jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory (CVE-2020-11111)\n\n* jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider (CVE-2020-11112)\n\n* jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime (CVE-2020-11113)\n\n* jackson-databind: Serialization gadgets in org.springframework:spring-aop (CVE-2020-11619)\n\n* jackson-databind: Serialization gadgets in commons-jelly:commons-jelly (CVE-2020-11620)\n\n* jackson-mapper-asl: XML external entity similar to CVE-2016-3720 (CVE-2019-10172)\n\n* resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)\n\n* Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain (CVE-2020-1719)\n\n* Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)\n\n* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)\n\n* netty: compression/decompression codecs don't enforce limits on buffer allocation sizes (CVE-2020-11612)\n\n* log4j: improper validation of certificate with host mismatch in SMTP appender (CVE-2020-9488)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-09-17T13:03:47", "type": "redhat", "title": "(RHSA-2020:3779) Important: Red Hat Data Grid 7.3.7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3720", "CVE-2017-7658", "CVE-2019-10172", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10714", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11612", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-1695", "CVE-2020-1710", "CVE-2020-1719", "CVE-2020-1745", "CVE-2020-1748", "CVE-2020-1757", "CVE-2020-8840", "CVE-2020-9488", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "modified": "2020-09-17T13:04:39", "id": "RHSA-2020:3779", "href": "https://access.redhat.com/errata/RHSA-2020:3779", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-03T15:19:47", "description": "This release of Red Hat build of Eclipse Vert.x 3.8.5 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section.\n\nSecurity Fix(es):\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\nFor more details about the security issues and their impact, the CVSS score, acknowledgements, and other related information, see the CVE pages listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-03-03T16:07:01", "type": "redhat", "title": "(RHSA-2020:0567) Important: Red Hat build of Eclipse Vert.x 3.8.5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "modified": "2020-03-03T16:07:13", "id": "RHSA-2020:0567", "href": "https://access.redhat.com/errata/RHSA-2020:0567", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-06-03T15:19:47", "description": "Red Hat AMQ Clients enable connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol to or from AMQ Broker 6 and 7.\n\nThis update provides various bug fixes and enhancements in addition to the client package versions previously released on Red Hat Enterprise Linux 6, 7, and 8.\n\nSecurity Fix(es):\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-02-25T15:01:50", "type": "redhat", "title": "(RHSA-2020:0601) Important: AMQ Clients 2.6.0 Release", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "modified": "2020-02-25T15:19:59", "id": "RHSA-2020:0601", "href": "https://access.redhat.com/errata/RHSA-2020:0601", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-06-03T15:19:47", "description": "The release of Red Hat AMQ Online 1.3.3 serves as a replacement for AMQ online 1.3.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. \n\nSecurity Fix(es):\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-02-13T14:03:36", "type": "redhat", "title": "(RHSA-2020:0497) Important: AMQ Online security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "modified": "2020-02-13T14:49:29", "id": "RHSA-2020:0497", "href": "https://access.redhat.com/errata/RHSA-2020:0497", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-06-03T15:19:47", "description": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for the wildfly-security-manager package in Red Hat JBoss Enterprise Application Platform 7.2.\n\nSecurity Fix(es):\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\n\t\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-02-25T17:21:05", "type": "redhat", "title": "(RHSA-2020:0606) Important: Red Hat JBoss Enterprise Application Platform 7.2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "modified": "2020-02-26T10:40:26", "id": "RHSA-2020:0606", "href": "https://access.redhat.com/errata/RHSA-2020:0606", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-06-03T15:19:47", "description": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for the wildfly-security-manager package in Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6, 7, and 8.\n\nSecurity Fix(es):\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-02-25T17:21:01", "type": "redhat", "title": "(RHSA-2020:0605) Important: Red Hat JBoss Enterprise Application Platform 7.2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "modified": "2020-02-26T10:33:22", "id": "RHSA-2020:0605", "href": "https://access.redhat.com/errata/RHSA-2020:0605", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-06-03T15:19:41", "description": "The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig (CVE-2019-14540)\n\n* jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource (CVE-2019-16335)\n\n* jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.* (CVE-2019-16942)\n\n* jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource (CVE-2019-16943)\n\n* jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.* (CVE-2019-17531)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-28T09:00:20", "type": "redhat", "title": "(RHSA-2020:1644) Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14540", "CVE-2019-16335", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17531", "CVE-2019-20330", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-8840", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "modified": "2021-09-29T01:30:00", "id": "RHSA-2020:1644", "href": "https://access.redhat.com/errata/RHSA-2020:1644", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-03T15:19:41", "description": "AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. \n\nThis release of Red Hat AMQ Broker 7.4.3 serves as a replacement for Red Hat AMQ Broker 7.4.2, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* jetty: HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511)\n\n* jetty: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* jetty: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* jetty: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\n* jetty: HTTP/2: 0-length headers lead to denial of service (CVE-2019-9516)\n\n* jetty: HTTP/2: request for large response leads to denial of service (CVE-2019-9517)\n\n* jetty: HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)\n\n* netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers (CVE-2019-16869)\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\n* mqtt-client: activemq: Corrupt MQTT frame can cause broker shutdown (CVE-2019-0222)\n\n* jetty: using specially formatted URL against DefaultServlet or ResourceHandler leads to XSS conditions (CVE-2019-10241)\n\n* jetty: error path information disclosure (CVE-2019-10247)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-04-14T12:57:06", "type": "redhat", "title": "(RHSA-2020:1445) Important: Red Hat AMQ Broker 7.4.3 release and security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0222", "CVE-2019-10241", "CVE-2019-10247", "CVE-2019-16869", "CVE-2019-20444", "CVE-2019-20445", "CVE-2019-9511", "CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9516", "CVE-2019-9517", "CVE-2019-9518", "CVE-2020-7238"], "modified": "2020-04-14T12:57:30", "id": "RHSA-2020:1445", "href": "https://access.redhat.com/errata/RHSA-2020:1445", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T15:19:47", "description": "AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. \n\nThis release of Red Hat AMQ Broker 7.6.0 serves as a replacement for Red Hat AMQ Broker 7.5.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\n* jetty: HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511)\n\n* jetty: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* jetty: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* jetty: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\n* jetty: HTTP/2: 0-length headers lead to denial of service (CVE-2019-9516)\n\n* jetty: HTTP/2: request for large response leads to denial of service (CVE-2019-9517)\n\n* jetty: HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)\n\n* jetty: using specially formatted URL against DefaultServlet or ResourceHandler leads to XSS conditions (CVE-2019-10241)\n\n* jetty: error path information disclosure (CVE-2019-10247)\n\n* mqtt-client: activemq: Corrupt MQTT frame can cause broker shutdown (CVE-2019-0222)\n\n* netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers (CVE-2019-16869)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-03-23T08:05:45", "type": "redhat", "title": "(RHSA-2020:0922) Important: Red Hat AMQ Broker 7.6 release and security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0222", "CVE-2019-10241", "CVE-2019-10247", "CVE-2019-16869", "CVE-2019-20444", "CVE-2019-20445", "CVE-2019-9511", "CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9516", "CVE-2019-9517", "CVE-2019-9518", "CVE-2020-7238"], "modified": "2020-03-23T08:11:28", "id": "RHSA-2020:0922", "href": "https://access.redhat.com/errata/RHSA-2020:0922", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T15:19:48", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains updates gRPC in the sriov-network-device-plugin container in Red Hat OpenShift Container Platform 4.1.18.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-26T17:11:08", "type": "redhat", "title": "(RHSA-2019:2861) Important: OpenShift Container Platform 4.1.18 gRPC security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515"], "modified": "2019-09-26T17:11:33", "id": "RHSA-2019:2861", "href": "https://access.redhat.com/errata/RHSA-2019:2861", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T15:19:48", "description": "Skydive is an open source real-time network topology and protocols analyzer.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-17T08:12:27", "type": "redhat", "title": "(RHSA-2019:2796) Important: skydive security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515"], "modified": "2019-09-17T13:12:57", "id": "RHSA-2019:2796", "href": "https://access.redhat.com/errata/RHSA-2019:2796", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T15:19:48", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains updated container images for multus-cni, operator-lifecycle-manager, and operator-registry in Red Hat OpenShift Container Platform 4.1.15. Each of these container images includes gRPC, which has been updated with the below fixes.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-12T18:20:25", "type": "redhat", "title": "(RHSA-2019:2766) Important: Red Hat OpenShift Enterprise 4.1.15 gRPC security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515"], "modified": "2019-09-12T18:21:12", "id": "RHSA-2019:2766", "href": "https://access.redhat.com/errata/RHSA-2019:2766", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T15:19:40", "description": "This release of Red Hat Fuse 7.7.0 serves as a replacement for Red Hat Fuse 7.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* netty (CVE-2016-4970 CVE-2020-7238 CVE-2019-20444 CVE-2019-20445)\n\n* dom4j (CVE-2018-1000632)\n\n* elasticsearch (CVE-2018-3831)\n\n* pdfbox (CVE-2018-11797)\n\n* vertx (CVE-2018-12541)\n\n* spring-data-jpa (CVE-2019-3797)\n\n* mina-core (CVE-2019-0231)\n\n* jackson-databind (CVE-2019-12086 CVE-2019-16335 CVE-2019-14540 CVE-2019-17267 CVE-2019-14892 CVE-2019-14893 CVE-2019-16942 CVE-2019-16943 CVE-2019-17531 CVE-2019-20330 CVE-2020-10673 CVE-2020-10672 CVE-2020-8840 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548 CVE-2020-10968 CVE-2020-10969 CVE-2020-11111 CVE-2020-11112 CVE-2020-11113 CVE-2020-11620 CVE-2020-11619 CVE-2020-14195 CVE-2020-14060 CVE-2020-14061 CVE-2020-14062)\n\n* jackson-mapper-asl (CVE-2019-10172)\n\n* hawtio (CVE-2019-9827)\n\n* undertow (CVE-2019-9511 CVE-2020-1757 CVE-2019-14888 CVE-2020-1745)\n\n* santuario (CVE-2019-12400)\n\n* apache-commons-beanutils (CVE-2019-10086)\n\n* cxf (CVE-2019-17573)\n\n* apache-commons-configuration (CVE-2020-1953)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2020-07-28T15:50:16", "type": "redhat", "title": "(RHSA-2020:3192) Important: Red Hat Fuse 7.7.0 release and security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4970", "CVE-2018-1000632", "CVE-2018-11797", "CVE-2018-12541", "CVE-2018-3831", "CVE-2019-0231", "CVE-2019-10086", "CVE-2019-10172", "CVE-2019-12086", "CVE-2019-12400", "CVE-2019-12419", "CVE-2019-14540", "CVE-2019-14888", "CVE-2019-14892", "CVE-2019-14893", "CVE-2019-16335", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17267", "CVE-2019-17531", "CVE-2019-17573", "CVE-2019-20330", "CVE-2019-20444", "CVE-2019-20445", "CVE-2019-3797", "CVE-2019-9511", "CVE-2019-9827", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10687", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14195", "CVE-2020-1745", "CVE-2020-1757", "CVE-2020-1953", "CVE-2020-7238", "CVE-2020-8840", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "modified": "2021-03-04T16:06:31", "id": "RHSA-2020:3192", "href": "https://access.redhat.com/errata/RHSA-2020:3192", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T15:19:40", "description": "This release of Red Hat build of Thorntail 2.5.1 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section.\n\nSecurity Fix(es):\n\n* apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)\n\n* cxf: does not restrict the number of message attachments (CVE-2019-12406)\n\n* cxf: OpenId Connect token service does not properly validate the clientId (CVE-2019-12419)\n\n* hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219)\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\n* HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511)\n\n* jackson-databind: Multiple serialization gadgets (CVE-2019-17531, CVE-2019-16943, CVE-2019-16942, CVE-2019-17267, CVE-2019-14540, CVE-2019-16335, CVE-2019-14893, CVE-2019-14892, CVE-2020-9546, CVE-2020-9547, CVE-2020-9548, CVE-2020-10969, CVE-2020-10968, CVE-2020-11111, CVE-2020-11112, CVE-2020-11113, CVE-2020-11619, CVE-2020-11620, CVE-2019-20330, CVE-2020-8840)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command \nexecution (CVE-2020-10672, CVE-2020-10673)\n\n* keycloak: adapter endpoints are exposed via arbitrary URLs (CVE-2019-14820)\n\n* keycloak: missing signatures validation on CRL used to verify client certificates (CVE-2019-3875)\n\n* keycloak: SAML broker does not check existence of signature on document allowing any user impersonation (CVE-2019-10201)\n\n* keycloak: CSRF check missing in My Resources functionality in the Account Console (CVE-2019-10199)\n\n* keycloak: cross-realm user access auth bypass (CVE-2019-14832)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\n* SmallRye: SecuritySupport class is incorrectly public and contains a static method to access the current threads context class loader (CVE-2020-1729)\n\n* thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)\n\n* thrift: Endless loop when feed with specific input data (CVE-2019-0205)\n\n* undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS (CVE-2019-14888)\n\n* wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use (CVE-2019-14887)\n\n* wildfly-core: Incorrect privileges for 'Monitor', 'Auditor' and 'Deployer' user by default (CVE-2019-14838)\n\n* xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source (CVE-2019-12400)\n\nFor more details about the security issues and their impact, the CVSS score, acknowledgements, and other related information, see the CVE pages listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-05-18T10:17:19", "type": "redhat", "title": "(RHSA-2020:2067) Important: Red Hat build of Thorntail 2.5.1 security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0205", "CVE-2019-0210", "CVE-2019-10086", "CVE-2019-10199", "CVE-2019-10201", "CVE-2019-10219", "CVE-2019-12400", "CVE-2019-12406", "CVE-2019-12419", "CVE-2019-14540", "CVE-2019-14820", "CVE-2019-14832", "CVE-2019-14838", "CVE-2019-14887", "CVE-2019-14888", "CVE-2019-14892", "CVE-2019-14893", "CVE-2019-16335", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17267", "CVE-2019-17531", "CVE-2019-20330", "CVE-2019-3875", "CVE-2019-9511", "CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-1729", "CVE-2020-7238", "CVE-2020-8840", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "modified": "2020-05-18T10:17:39", "id": "RHSA-2020:2067", "href": "https://access.redhat.com/errata/RHSA-2020:2067", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T15:19:40", "description": "Red Hat JBoss Enterprise Application Platform CD19 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform CD19 includes bug fixes and enhancements. \n\nSecurity Fix(es):\n\n* apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)\n\n* infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods (CVE-2019-10174)\n\n* undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS (CVE-2019-14888)\n\n* netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers (CVE-2019-16869)\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\n* undertow: AJP File Read/Inclusion Vulnerability (CVE-2020-1745)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\n* jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider (CVE-2020-10968)\n\n* jackson-databind: Serialization gadgets in javax.swing.JEditorPane (CVE-2020-10969)\n\n* jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory (CVE-2020-11111)\n\n* jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider (CVE-2020-11112)\n\n* jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime (CVE-2020-11113)\n\n* thrift: Endless loop when feed with specific input data (CVE-2019-0205)\n\n* thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)\n\n* cxf: OpenId Connect token service does not properly validate the clientId (CVE-2019-12419)\n\n* cxf: OpenId Connect token service does not properly validate the clientId (CVE-2019-12423)\n\n* jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig (CVE-2019-14540)\n\n* wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use (CVE-2019-14887)\n\n* jackson-databind: Serialization gadgets in classes of the commons-configuration package (CVE-2019-14892)\n\n* jackson-databind: Serialization gadgets in classes of the xalan package (CVE-2019-14893)\n\n* jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource (CVE-2019-16335)\n\n* jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.* (CVE-2019-16942)\n\n* jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource (CVE-2019-16943)\n\n* jackson-databind: Serialization gadgets in classes of the ehcache package (CVE-2019-17267)\n\n* jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.* (CVE-2019-17531)\n\n* cxf: reflected XSS in the services listing page (CVE-2019-17573)\n\n* jackson-databind: lacks certain net.sf.ehcache blocking (CVE-2019-20330)\n\n* resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)\n\n* jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)\n\n* RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack (CVE-2020-10688)\n\n* Soteria: security identity corruption across concurrent threads (CVE-2020-1732)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-05-28T15:47:01", "type": "redhat", "title": "(RHSA-2020:2333) Important: EAP Continuous Delivery Technical Preview Release 19 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0205", "CVE-2019-0210", "CVE-2019-10086", "CVE-2019-10174", "CVE-2019-12419", "CVE-2019-12423", "CVE-2019-14540", "CVE-2019-14887", "CVE-2019-14888", "CVE-2019-14892", "CVE-2019-14893", "CVE-2019-16335", "CVE-2019-16869", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17267", "CVE-2019-17531", "CVE-2019-17573", "CVE-2019-20330", "CVE-2019-20444", "CVE-2019-20445", "CVE-2020-10672", "CVE-2020-10688", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-1695", "CVE-2020-1732", "CVE-2020-1745", "CVE-2020-7238", "CVE-2020-9547"], "modified": "2020-05-28T15:47:33", "id": "RHSA-2020:2333", "href": "https://access.redhat.com/errata/RHSA-2020:2333", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T15:19:40", "description": "Red Hat JBoss Enterprise Application Platform CD18 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform CD18 includes bug fixes and enhancements. \n\nSecurity Fix(es):\n\n* jackson-databind: Serialization gadgets in org.springframework:spring-aop (CVE-2020-11619)\n* jackson-databind: Serialization gadgets in commons-jelly:commons-jelly (CVE-2020-11620)\n* wildfly: Race condition on PID file allows for termination of arbitrary processes by local users (CVE-2019-3805)\n* undertow: HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511)\n* undertow: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n* undertow: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n* undertow: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n* wildfly-core: Incorrect privileges for 'Monitor', 'Auditor' and 'Deployer' user by default (CVE-2019-14838)\n* undertow: Memory Leak in Undertow HttpOpenListener due to holding remoting connections indefinitely (CVE-2019-19343)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-06-15T16:12:34", "type": "redhat", "title": "(RHSA-2020:2565) Important: EAP Continuous Delivery Technical Preview Release 18 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14838", "CVE-2019-19343", "CVE-2019-3805", "CVE-2019-9511", "CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515", "CVE-2020-11619", "CVE-2020-11620"], "modified": "2020-06-15T16:13:10", "id": "RHSA-2020:2565", "href": "https://access.redhat.com/errata/RHSA-2020:2565", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T15:19:40", "description": "The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API.\n\nSecurity Fix(es):\n\n* jackson-databind: Serialization gadgets in org.springframework:spring-aop (CVE-2020-11619)\n\n* jackson-databind: Serialization gadgets in commons-jelly:commons-jelly (CVE-2020-11620)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-05-26T15:00:48", "type": "redhat", "title": "(RHSA-2020:2320) Important: rh-maven35-jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11619", "CVE-2020-11620"], "modified": "2020-05-26T15:15:42", "id": "RHSA-2020:2320", "href": "https://access.redhat.com/errata/RHSA-2020:2320", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-03T15:19:48", "description": "Red Hat Fuse provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat A-MQ is a standards compliant messaging system that is tailored for use in mission critical applications.\n\nThis patch is an update to Red Hat Fuse 6.3 and Red Hat A-MQ 6.3. It includes bug fixes, which are documented in the patch notes accompanying the package on the download page. See the download link given in the references section below.\n\nSecurity fix(es):\n\n* zookeeper: Information disclosure in Apache ZooKeeper (CVE-2019-0201)\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515) \n\n* HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)\n\n* xstream: remote code execution due to insecure XML deserialization (CVE-2019-10173)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-19T17:16:33", "type": "redhat", "title": "(RHSA-2019:4352) Important: Red Hat JBoss Fuse/A-MQ 6.3 R14 security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0201", "CVE-2019-10173", "CVE-2019-12384", "CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9518"], "modified": "2019-12-19T17:16:50", "id": "RHSA-2019:4352", "href": "https://access.redhat.com/errata/RHSA-2019:4352", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T15:19:47", "description": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 1.4.0 serves as a replacement for Red Hat AMQ Streams 1.3.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* jackson-databind: Serialization gadgets in classes of the commons-dbcp package (CVE-2019-16942)\n\n* jackson-databind: Serialization gadgets in classes of the p6spy package (CVE-2019-16943)\n\n* jackson-databind: polymorphic typing issue when enabling default typing for an externally exposed JSON endpoint and having apache-log4j-extra in the classpath leads to code execution (CVE-2019-17531)\n\n* jackson-databind: lacks certain net.sf.ehcache blocking (CVE-2019-20330)\n\n* kafka: Connect REST API exposes plaintext secrets in tasks endpoint (CVE-2019-12399)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-03-23T13:14:04", "type": "redhat", "title": "(RHSA-2020:0939) Important: Red Hat AMQ Streams 1.4.0 release and security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12399", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17531", "CVE-2019-20330", "CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "modified": "2020-03-23T13:14:27", "id": "RHSA-2020:0939", "href": "https://access.redhat.com/errata/RHSA-2020:0939", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-03T15:19:48", "description": "Both the openshift and atomic-enterprise-service-catalog packages have been rebuilt with updates versions of golang. The golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-11T05:08:25", "type": "redhat", "title": "(RHSA-2019:2661) Important: Red Hat OpenShift Container Platform 4.1 openshift RPM security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2019-09-11T05:14:59", "id": "RHSA-2019:2661", "href": "https://access.redhat.com/errata/RHSA-2019:2661", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T15:19:48", "description": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Failure trying to conntect to image registry using TLS when buildah is compiled with FIPS mode (BZ#1743169)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-10T10:40:48", "type": "redhat", "title": "(RHSA-2019:2726) Important: go-toolset:rhel8 security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2019-09-10T11:34:38", "id": "RHSA-2019:2726", "href": "https://access.redhat.com/errata/RHSA-2019:2726", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T15:19:48", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the ansible-operator, apb, containernetworking-plugins, golang-github-openshift-prometheus-alert-buffer, golang-github-prometheus-promu and openshift-eventrouter RPM packages for Red Hat OpenShift Container Platform 4.1.21. These packages have been rebuilt with an updated version of Go to address the below security issues.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-10-30T18:12:25", "type": "redhat", "title": "(RHSA-2019:3265) Important: OpenShift Container Platform 4.1 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2019-10-30T18:16:12", "id": "RHSA-2019:3265", "href": "https://access.redhat.com/errata/RHSA-2019:3265", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T15:19:48", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThe following packages have been rebuilt with an updated version of golang: apb (2.0.3), containernetworking-plugins (0.8.1), and golang-github-prometheus-promu (0.5.0). \n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-10-29T17:28:20", "type": "redhat", "title": "(RHSA-2019:3245) Important: OpenShift Container Platform 4.2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2019-10-29T17:33:56", "id": "RHSA-2019:3245", "href": "https://access.redhat.com/errata/RHSA-2019:3245", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "ibm": [{"lastseen": "2023-02-27T21:51:33", "description": "## Summary\n\nIBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of FasterXML jackson-databind.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-14195](<https://vulners.com/cve/CVE-2020-14195>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in rg.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183495](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183495>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10673](<https://vulners.com/cve/CVE-2020-10673>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.caucho.config.types.ResourceRef (aka caucho-quercus). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178107](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178107>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11113](<https://vulners.com/cve/CVE-2020-11113>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11619](<https://vulners.com/cve/CVE-2020-11619>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179430](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179430>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10968](<https://vulners.com/cve/CVE-2020-10968>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178544](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178544>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11620](<https://vulners.com/cve/CVE-2020-11620>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.jelly.impl.Embedded (aka commons-jelly). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179431](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179431>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10969](<https://vulners.com/cve/CVE-2020-10969>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in javax.swing.JEditorPane. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178546](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178546>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11111](<https://vulners.com/cve/CVE-2020-11111>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10672](<https://vulners.com/cve/CVE-2020-10672>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11112](<https://vulners.com/cve/CVE-2020-11112>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178902](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178902>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14061](<https://vulners.com/cve/CVE-2020-14061>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183424](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183424>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14060](<https://vulners.com/cve/CVE-2020-14060>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183422](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183422>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14062](<https://vulners.com/cve/CVE-2020-14062>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183425](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183425>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nICP - Discovery| 2.0.0-2.1.3 \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Watson Discovery 2.1.4 \n \n<https://cloud.ibm.com/docs/discovery-data?topic=discovery-data-install>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-08-29T08:58:37", "type": "ibm", "title": "Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in FasterXML jackson-databind", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14195"], "modified": "2020-08-29T08:58:37", "id": "BCCAA86BCC3B16C9C58E1F4717449CC03D19E983B5D795C29B0F4F2B70C2296D", "href": "https://www.ibm.com/support/pages/node/6323689", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-06T17:47:43", "description": "## Summary\n\nVulnerabilities identified in jackson-databind shipped with IBM Cloud Pak System. IBM Clous Pak System addresssed vulnerabilities. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-10673](<https://vulners.com/cve/CVE-2020-10673>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.caucho.config.types.ResourceRef (aka caucho-quercus). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178107](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178107>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11112](<https://vulners.com/cve/CVE-2020-11112>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178902](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178902>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11113](<https://vulners.com/cve/CVE-2020-11113>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10672](<https://vulners.com/cve/CVE-2020-10672>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10968](<https://vulners.com/cve/CVE-2020-10968>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178544](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178544>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10969](<https://vulners.com/cve/CVE-2020-10969>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in javax.swing.JEditorPane. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178546](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178546>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11619](<https://vulners.com/cve/CVE-2020-11619>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179430](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179430>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11111](<https://vulners.com/cve/CVE-2020-11111>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11620](<https://vulners.com/cve/CVE-2020-11620>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.jelly.impl.Embedded (aka commons-jelly). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179431](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179431>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14195](<https://vulners.com/cve/CVE-2020-14195>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in rg.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183495](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183495>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14061](<https://vulners.com/cve/CVE-2020-14061>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183424](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183424>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14060](<https://vulners.com/cve/CVE-2020-14060>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183422](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183422>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14062](<https://vulners.com/cve/CVE-2020-14062>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183425](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183425>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Pak System| 2.3.0.1, 2.3.1.1 \n \n## Remediation/Fixes\n\nFor IBM Cloud Pak System V.2.3.0.1, V2.3.1.1,\n\nUpgrade to IBM Cloud Pak System V2.3.2.0 \n\nInformation on upgrading can be found here: <http://www.ibm.com/support/docview.wss?uid=ibm10887959>.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-08-11T13:19:32", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in jackson-databind shipped with IBM Cloud Pak System", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14195"], "modified": "2022-08-11T13:19:32", "id": "AE04C563BFD8D158A34D941FC591BA2027AA9CDF2814A2468DA20F6AF67AFEDE", "href": "https://www.ibm.com/support/pages/node/6251301", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:51:29", "description": "## Summary\n\nFaster-XML Jackson-databind (excludes most polymorphic typing gadget attacks) (Publicly disclosed vulnerability) is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs. Note that the usage of Jackson-databind within IBM Operations Analytics Predictive Insights is limited to the REST Mediation utility. If you do not have this service installed you are not affected by this bulletin.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-10969](<https://vulners.com/cve/CVE-2020-10969>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in javax.swing.JEditorPane. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178546](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178546>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11619](<https://vulners.com/cve/CVE-2020-11619>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179430](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179430>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11111](<https://vulners.com/cve/CVE-2020-11111>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11620](<https://vulners.com/cve/CVE-2020-11620>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.jelly.impl.Embedded (aka commons-jelly). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179431](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179431>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10672](<https://vulners.com/cve/CVE-2020-10672>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11112](<https://vulners.com/cve/CVE-2020-11112>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178902](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178902>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10673](<https://vulners.com/cve/CVE-2020-10673>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.caucho.config.types.ResourceRef (aka caucho-quercus). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178107](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178107>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10968](<https://vulners.com/cve/CVE-2020-10968>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178544](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178544>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11113](<https://vulners.com/cve/CVE-2020-11113>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Operations Analytics Predictive Insights| 1.3.6 \n \n\n\n## Remediation/Fixes\n\nApply 1.3.6 Interim Fix 3 (only if you have installed the REST Mediation service in Predictive Insights) \n\n[https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&amp;release=1.3.6](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&release=1.3.6> \"https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&release=1.3.6\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-08-31T13:36:05", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Faster-XML jackson-databind affect IBM Operations Analytics Predictive Insights", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620"], "modified": "2020-08-31T13:36:05", "id": "F7B0F41A9554E301160EFC5535E817D656638E60F300D17F359C5D0DFB4A3640", "href": "https://www.ibm.com/support/pages/node/6324679", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:51:30", "description": "## Summary\n\nFaster-XML Jackson-databind is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs. Note that the usage of Jackson-databind within IBM Operations Analytics Predictive Insights is limited to the REST Mediation utility. If you do not have this service installed you are not affected by this bulletin.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11113](<https://vulners.com/cve/CVE-2020-11113>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10673](<https://vulners.com/cve/CVE-2020-10673>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.caucho.config.types.ResourceRef (aka caucho-quercus). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178107](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178107>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11112](<https://vulners.com/cve/CVE-2020-11112>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178902](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178902>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10968](<https://vulners.com/cve/CVE-2020-10968>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178544](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178544>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10969](<https://vulners.com/cve/CVE-2020-10969>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in javax.swing.JEditorPane. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178546](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178546>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11619](<https://vulners.com/cve/CVE-2020-11619>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179430](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179430>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11111](<https://vulners.com/cve/CVE-2020-11111>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11620](<https://vulners.com/cve/CVE-2020-11620>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.jelly.impl.Embedded (aka commons-jelly). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179431](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179431>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10672](<https://vulners.com/cve/CVE-2020-10672>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Operations Analytics Predictive Insights| 1.3.6 \n \n\n\n## Remediation/Fixes\n\nApply 1.3.6 Interim Fix 3 (only if you have installed the REST Mediation service in Predictive Insights) \n\n[https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&amp;release=1.3.6](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&release=1.3.6> \"https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&release=1.3.6\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-08-31T13:34:49", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Faster-XML jackson-databind affect IBM Operations Analytics Predictive Insights", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620"], "modified": "2020-08-31T13:34:49", "id": "FFF1414315350598A8A6CE2454488CEB6A6744EC626EE6D1B67444FD1CE73AAB", "href": "https://www.ibm.com/support/pages/node/6324675", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:51:29", "description": "## Summary\n\nFaster-XML Jackson-databind is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs. Note that the usage of Jackson Databind within IBM Operations Analytics Predictive Insights is limited to the REST Mediation utility. If you do not have this utility installed you are not affected by this bulletin, otherwise apply the recommened remediation fixes.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-10673](<https://vulners.com/cve/CVE-2020-10673>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.caucho.config.types.ResourceRef (aka caucho-quercus). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178107](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178107>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11113](<https://vulners.com/cve/CVE-2020-11113>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11619](<https://vulners.com/cve/CVE-2020-11619>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179430](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179430>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10968](<https://vulners.com/cve/CVE-2020-10968>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178544](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178544>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11620](<https://vulners.com/cve/CVE-2020-11620>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.jelly.impl.Embedded (aka commons-jelly). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179431](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179431>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10969](<https://vulners.com/cve/CVE-2020-10969>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in javax.swing.JEditorPane. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178546](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178546>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11111](<https://vulners.com/cve/CVE-2020-11111>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10672](<https://vulners.com/cve/CVE-2020-10672>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11112](<https://vulners.com/cve/CVE-2020-11112>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178902](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178902>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Operations Analytics Predictive Insights| 1.3.6 \n \n\n\n## Remediation/Fixes\n\nApply 1.3.6 Interim Fix 3 (only if you have installed the REST Mediation service in Predictive Insights) \n\n[https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&amp;release=1.3.6](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&release=1.3.6> \"https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&release=1.3.6\" )\n\nNote that the usage of Jackson Databind within IBM Operations Analytics Predictive Insights is limited to the REST Mediation utility. If you do not have this utility installed you are not affected by this bulletin, otherwise apply the fix.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-08-31T13:37:18", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Faster-XML jackson-databind affect IBM Operations Analytics Predictive Insights", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620"], "modified": "2020-08-31T13:37:18", "id": "008B0D501A1CB8226ABFE1582856F4EF756D398AE0B7847587583CD244F7DABA", "href": "https://www.ibm.com/support/pages/node/6324691", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:51:41", "description": "## Summary\n\nFaster-XML Jackson-databind is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs. Note that the usage of Jackson Databind within IBM Operations Analytics Predictive Insights is limited to the REST Mediation utility. If you do not have this utility installed you are not affected by this bulletin, otherwise apply the recommended remediation fixes.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-10673](<https://vulners.com/cve/CVE-2020-10673>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.caucho.config.types.ResourceRef (aka caucho-quercus). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178107](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178107>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11112](<https://vulners.com/cve/CVE-2020-11112>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178902](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178902>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10968](<https://vulners.com/cve/CVE-2020-10968>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178544](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178544>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11113](<https://vulners.com/cve/CVE-2020-11113>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10969](<https://vulners.com/cve/CVE-2020-10969>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in javax.swing.JEditorPane. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178546](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178546>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11619](<https://vulners.com/cve/CVE-2020-11619>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179430](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179430>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11620](<https://vulners.com/cve/CVE-2020-11620>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.jelly.impl.Embedded (aka commons-jelly). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179431](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179431>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10672](<https://vulners.com/cve/CVE-2020-10672>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11111](<https://vulners.com/cve/CVE-2020-11111>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Operations Analytics Predictive Insights| 1.3.6 \n \n\n\n## Remediation/Fixes\n\nApply 1.3.6 Interim Fix 3 (only if you have installed the REST Mediation service in Predictive Insights) \n\n[https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&amp;release=1.3.6](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&release=1.3.6> \"https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&release=1.3.6\" )\n\nNote that the usage of Jackson Databind within IBM Operations Analytics Predictive Insights is limited to the REST Mediation utility. If you do not have this utility installed you are not affected by this bulletin, otherwise apply the fix.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-08-31T13:35:32", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Faster-XML jackson-databind affect IBM Operations Analytics Predictive Insights", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620"], "modified": "2020-08-31T13:35:32", "id": "67521096E2499B8DA87859FF51DB33A2152163398E0849BDD3366F9B6EE2B17F", "href": "https://www.ibm.com/support/pages/node/6324689", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:51:31", "description": "## Summary\n\nFaster-XML Jackson-databind is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs. Note that the usage of Jackson-databind within IBM Operations Analytics Predictive Insights is limited to the REST Mediation utility. If you do not have this service installed you are not affected by this bulletin.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-10673](<https://vulners.com/cve/CVE-2020-10673>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.caucho.config.types.ResourceRef (aka caucho-quercus). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178107](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178107>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11112](<https://vulners.com/cve/CVE-2020-11112>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178902](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178902>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11113](<https://vulners.com/cve/CVE-2020-11113>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10672](<https://vulners.com/cve/CVE-2020-10672>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10968](<https://vulners.com/cve/CVE-2020-10968>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178544](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178544>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10969](<https://vulners.com/cve/CVE-2020-10969>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in javax.swing.JEditorPane. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178546](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178546>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11619](<https://vulners.com/cve/CVE-2020-11619>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179430](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179430>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11111](<https://vulners.com/cve/CVE-2020-11111>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11620](<https://vulners.com/cve/CVE-2020-11620>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.jelly.impl.Embedded (aka commons-jelly). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179431](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179431>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Operations Analytics Predictive Insights| 1.3.6 \n \n\n\n## Remediation/Fixes\n\nApply 1.3.6 Interim Fix 3 (only if you have installed the REST Mediation service in Predictive Insights)\n\n[https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&amp;release=1.3.6](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&release=1.3.6> \"https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&release=1.3.6\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-08-31T13:34:25", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Faster-XML jackson-databind affects IBM Operations Analytics Predictive Insights", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620"], "modified": "2020-08-31T13:34:25", "id": "4A7D85E877988216F11AD7DDC8ECED1B05CB1AA44C219D2D2283330DE7E7E1B0", "href": "https://www.ibm.com/support/pages/node/6324673", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-06T17:50:04", "description": "## Summary\n\nIBM Sterling B2B Integrator has addressed the security vulnerabilites.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-10673](<https://vulners.com/cve/CVE-2020-10673>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.caucho.config.types.ResourceRef (aka caucho-quercus). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178107](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178107>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11113](<https://vulners.com/cve/CVE-2020-11113>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11619](<https://vulners.com/cve/CVE-2020-11619>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179430](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179430>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10968](<https://vulners.com/cve/CVE-2020-10968>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178544](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178544>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11620](<https://vulners.com/cve/CVE-2020-11620>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.jelly.impl.Embedded (aka commons-jelly). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179431](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179431>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10969](<https://vulners.com/cve/CVE-2020-10969>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in javax.swing.JEditorPane. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178546](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178546>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11111](<https://vulners.com/cve/CVE-2020-11111>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10672](<https://vulners.com/cve/CVE-2020-10672>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11112](<https://vulners.com/cve/CVE-2020-11112>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178902](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178902>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Sterling B2B Integrator| 5.2.0.0 - 5.2.6.5_3 \nIBM Sterling B2B Integrator| 6.0.0.0 - 6.0.3.3 \nIBM Sterling B2B Integrator| 6.1.0.0 - 6.1.0.1 \n \n \n\n\n \n\n\n## Remediation/Fixes\n\nProduct &amp; Version| Remediation &amp; Fix \n---|--- \n5.2.0.0 - 5.2.6.5_3| Apply IBM Sterling B2B Integrator version 5.2.6.5_4 on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n6.0.0.0 - 6.0.3.3| Apply IBM Sterling B2B Integrator version 6.0.3.4 on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n6.1.0.0 - 6.1.0.1| Apply IBM Sterling B2B Integrator version 6.1.0.2 on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-05-13T14:58:22", "type": "ibm", "title": "Security Bulletin: Multiple Security Vulnerabilities in Jackson-Databind Affect IBM Sterling B2B Integrator", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620"], "modified": "2022-05-13T14:58:22", "id": "77A28093327290BEEC30BA0FD258343ECA5E3AFE8F5CC46CBAE8878B49FB78B9", "href": "https://www.ibm.com/support/pages/node/6454167", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-02T14:51:41", "description": "## Summary\n\nThere are series of Deserialization of Untrusted Data vulnerabilities and Input Validation vulnerability in various versions of FasterXML jackson-databind that affect Apache Solr. The vulnerabilities are in Vulnerability Details section.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11620](<https://vulners.com/cve/CVE-2020-11620>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.jelly.impl.Embedded (aka commons-jelly). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179431](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179431>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10969](<https://vulners.com/cve/CVE-2020-10969>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in javax.swing.JEditorPane. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178546](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178546>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14062](<https://vulners.com/cve/CVE-2020-14062>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183425](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183425>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14060](<https://vulners.com/cve/CVE-2020-14060>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183422](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183422>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11112](<https://vulners.com/cve/CVE-2020-11112>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178902](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178902>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10968](<https://vulners.com/cve/CVE-2020-10968>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178544](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178544>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10672](<https://vulners.com/cve/CVE-2020-10672>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9548](<https://vulners.com/cve/CVE-2020-9548>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9546](<https://vulners.com/cve/CVE-2020-9546>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177102](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177102>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11619](<https://vulners.com/cve/CVE-2020-11619>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179430](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179430>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11111](<https://vulners.com/cve/CVE-2020-11111>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14195](<https://vulners.com/cve/CVE-2020-14195>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in rg.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183495](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183495>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14061](<https://vulners.com/cve/CVE-2020-14061>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183424](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183424>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11113](<https://vulners.com/cve/CVE-2020-11113>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9547](<https://vulners.com/cve/CVE-2020-9547>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177103](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177103>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10673](<https://vulners.com/cve/CVE-2020-10673>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.caucho.config.types.ResourceRef (aka caucho-quercus). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178107](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178107>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-10202](<https://vulners.com/cve/CVE-2019-10202>) \n** DESCRIPTION: **Red Hat JBoss Enterprise Application Platform (EAP) could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization in Codehaus. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168251](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168251>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-17531](<https://vulners.com/cve/CVE-2019-17531>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a polymorphic typing issue when Default Typing is enabled. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169073](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169073>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-14893](<https://vulners.com/cve/CVE-2019-14893>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization when using the xalan JNDI gadget. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177108](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177108>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-8840](<https://vulners.com/cve/CVE-2020-8840>) \n** DESCRIPTION: **Multiple Huawei products could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of data without proper validation. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/185699](<https://exchange.xforce.ibmcloud.com/vulnerabilities/185699>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-10172](<https://vulners.com/cve/CVE-2019-10172>) \n** DESCRIPTION: **Jackson-mapper-asl could allow a remote attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data. By sending a specially-crafted XML data, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172436](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172436>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nLog Analysis| 1.3.1 \nLog Analysis| 1.3.2 \n \nLog Analysis| 1.3.3 \n \nLog Analysis| 1.3.4 \n \nLog Analysis| 1.3.5 \n \nLog Analysis| 1.3.6 \n \n \n\n\n## Remediation/Fixes\n\nPrincipal Product and Version(s) :| Fix details \n---|--- \nIBM Operations Analytics - Log Analysis version 1.3.x| Upgrade to Log Analysis version 1.3.7 \nDownload the 1.3.7-TIV-IOALA-FP [here](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Operations%20Analytics&product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Log+Analysis&release=1.3.7&platform=All&function=all> \"here\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-22T05:30:31", "type": "ibm", "title": "Security Bulletin: Series of vulnerabilities in FasterXML jackson-databind affect Apache Solr shipped with IBM Operations Analytics - Log Analysis", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10172", "CVE-2019-10202", "CVE-2019-14893", "CVE-2019-17531", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14195", "CVE-2020-8840", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "modified": "2021-04-22T05:30:31", "id": "257282661EC40294AA6CD7D16D142C7D834B7703E989C3E4C143A5B9AF27C918", "href": "https://www.ibm.com/support/pages/node/6446143", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:53:54", "description": "## Summary\n\nThere are multiple vulnerabilities in FasterXML jackson-databind that may affect IBM Spectrum Protect Plus.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-10673](<https://vulners.com/cve/CVE-2020-10673>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.caucho.config.types.ResourceRef (aka caucho-quercus). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178107](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178107>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11112](<https://vulners.com/cve/CVE-2020-11112>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178902](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178902>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11113](<https://vulners.com/cve/CVE-2020-11113>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10672](<https://vulners.com/cve/CVE-2020-10672>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10968](<https://vulners.com/cve/CVE-2020-10968>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178544](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178544>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10969](<https://vulners.com/cve/CVE-2020-10969>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in javax.swing.JEditorPane. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178546](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178546>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11619](<https://vulners.com/cve/CVE-2020-11619>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179430](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179430>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11111](<https://vulners.com/cve/CVE-2020-11111>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11620](<https://vulners.com/cve/CVE-2020-11620>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.jelly.impl.Embedded (aka commons-jelly). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179431](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179431>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Protect Plus | 10.1.0-10.1.5 \n \n## Remediation/Fixes\n\n**pectrum Protect** \n**Plus Release**| **First Fixing** \n**VRM Level**| **Platform**| **Link to Fix** \n---|---|---|--- \n10.1| 10.1.6| Linux| <https://www.ibm.com/support/pages/node/5693313> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-07-17T21:15:57", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Faster-XML jackson-databind affect IBM Spectrum Protect Plus (CVE-2020-10673, CVE-2020-1112, CVE-2020-11113, CVE-2020-10672, CVE-2020-10968, CVE-2020-10969, CVE-2020-11619, CVE-2020-11111, CVE-2020-11620)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-1112", "CVE-2020-11619", "CVE-2020-11620"], "modified": "2020-07-17T21:15:57", "id": "7AD0D7DF266CE4E3E8403D1010B4839400C3FF375189EB64CF4D3D9C52368CA5", "href": "https://www.ibm.com/support/pages/node/6250535", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:54:54", "description": "## Summary\n\nMultiple vulnerabilities in FasterXML jackson-databind affect IBM Spectrum Protect Plus.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-9548](<https://vulners.com/cve/CVE-2020-9548>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9546](<https://vulners.com/cve/CVE-2020-9546>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177102](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177102>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9547](<https://vulners.com/cve/CVE-2020-9547>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177103](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177103>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-8840](<https://vulners.com/cve/CVE-2020-8840>) \n** DESCRIPTION: **An unspecified error with the lack of certain xbean-reflect/JNDI blocking in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/176241](<https://exchange.xforce.ibmcloud.com/vulnerabilities/176241>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-20330](<https://vulners.com/cve/CVE-2019-20330>) \n** DESCRIPTION: **A lacking of certain net.sf.ehcache blocking in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173897](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173897>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Protect Plus| 10.1.0-10.1.5 \n \n## Remediation/Fixes\n\n**Spectrum Protect** \n**Plus Release**| **First Fixing** \n**VRM Level**| **Platform**| **Link to Fix** \n---|---|---|--- \n10.1| 10.1.6| Linux| <https://www.ibm.com/support/pages/node/5693313> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-06-12T20:29:44", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in FasterXML jackson-databind affect IBM Spectrum Protect Plus (CVE-2020-9548, CVE-2020-9546. CVE-2020-9547, CVE-2020-8840, CVE-2019-20330)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20330", "CVE-2020-8840", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "modified": "2020-06-12T20:29:44", "id": "5A059C8C765B3BD7663468604398174B5ED506196CEFCE6A8AC2239051C813B4", "href": "https://www.ibm.com/support/pages/node/6221336", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:48:30", "description": "## Summary\n\nIBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Netty.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-16869](<https://vulners.com/cve/CVE-2019-16869>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw when handling unusual whitespaces before the colon in HTTP headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167672](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167672>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Settings Flood attack. By sending a stream of SETTINGS frames to the peer, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Empty Frame Flooding attack. By sending a stream of frames with an empty payload and without the end-of-stream flag, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Ping Flood attack. By sending continual pings to an HTTP/2 peer, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Reset Flood attack. By opening a number of streams and sending an invalid request over each stream, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nICP - Discovery| 2.0.0-2.1.4 \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Watson Discovery 2.2.0 \n \n<https://cloud.ibm.com/docs/discovery-data?topic=discovery-data-install>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-09T04:40:37", "type": "ibm", "title": "Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Netty", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16869", "CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9518"], "modified": "2020-12-09T04:40:37", "id": "582F96446333EB82A24A0C13191C208F7E940B6AE34B504E8FD5A296160793B6", "href": "https://www.ibm.com/support/pages/node/6364965", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-27T17:44:51", "description": "## Summary\n\nIBM Sterling B2B Integrator has addressed multiple security vulnerabilities in jackson-databind\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2020-8840](<https://vulners.com/cve/CVE-2020-8840>) \n**DESCRIPTION: **An unspecified error with the lack of certain xbean-reflect/JNDI blocking in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/176241](<https://exchange.xforce.ibmcloud.com/vulnerabilities/176241>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2020-9547](<https://vulners.com/cve/CVE-2020-9547>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177103](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177103>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2020-9548](<https://vulners.com/cve/CVE-2020-9548>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2020-9546](<https://vulners.com/cve/CVE-2020-9546>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177102](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177102>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM Sterling B2B Integrator | 6.0.0.0 - 6.0.3.1 \nIBM Sterling B2B Integrator | 5.2.0.0 - 5.2.6.5_1 \n \n## Remediation/Fixes\n\n** Product &amp; Version** | ** Remediation &amp; Fix** \n---|--- \n5.2.0.0 - 5.2.6.5_1 | Apply IBM Sterling B2B Integrator version 5.2.6.5_2 and 6.0.3.2 on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n6.0.0.0 - 6.0.3.1 | Apply IBM Sterling B2B Integrator version 6.0.3.2 on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-07-24T17:07:55", "type": "ibm", "title": "Security Bulletin: Multiple Security Vulnerabilities in Jackson-databind Affect IBM Sterling B2B Integrator", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8840", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "modified": "2020-07-24T17:07:55", "id": "C7C90AE07B9F79A9EEF6608D4722926B0CCF2ECD1B095573CDC550F929B66111", "href": "https://www.ibm.com/support/pages/node/6208043", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:54:47", "description": "## Summary\n\nIBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of FasterXML jackson-databind.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-8840](<https://vulners.com/cve/CVE-2020-8840>) \n** DESCRIPTION: **An unspecified error with the lack of certain xbean-reflect/JNDI blocking in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/176241](<https://exchange.xforce.ibmcloud.com/vulnerabilities/176241>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-9547](<https://vulners.com/cve/CVE-2020-9547>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177103](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177103>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9548](<https://vulners.com/cve/CVE-2020-9548>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9546](<https://vulners.com/cve/CVE-2020-9546>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177102](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177102>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nICP - Discovery| 2.0.0-2.1.2 \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Watson Discovery 2.1.3 \n \n<https://cloud.ibm.com/docs/discovery-data?topic=discovery-data-install>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-06-19T05:07:08", "type": "ibm", "title": "Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in FasterXML jackson-databind", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8840", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "modified": "2020-06-19T05:07:08", "id": "DCD796DE1A947454806F2895884984638159DBE1069CC9361C465D63D9525B4E", "href": "https://www.ibm.com/support/pages/node/6228078", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-07T22:04:36", "description": "## Summary\n\nIBM Security Guardium Insights has addressed the following vulnerabilities.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-16869](<https://vulners.com/cve/CVE-2019-16869>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw when handling unusual whitespaces before the colon in HTTP headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167672](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167672>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-20444](<https://vulners.com/cve/CVE-2019-20444>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw in the HttpObjectDecoder.java. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175487](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175487>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-20445](<https://vulners.com/cve/CVE-2019-20445>) \n** DESCRIPTION: **Netty could provide weaker than expected security, caused by non-proper handling of Content-Length and Transfer-Encoding in the HttpObjectDecoder.java. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175486](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175486>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-11612](<https://vulners.com/cve/CVE-2020-11612>) \n** DESCRIPTION: **Netty is vulnerable to a denial of service, caused by unbounded memory allocation while decoding a ZlibEncoded byte stream in the ZlibDecoders. By sending a large ZlibEncoded byte stream, a remote attacker could exploit this vulnerability to exhaust memory resources. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180530](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180530>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Security Guardium Insights| 2.0.1 \n \n\n\n## Remediation/Fixes\n\n**Product**\n\n| \n\n**VRMF**\n\n| \n\n**Remediation / First Fix** \n \n---|---|--- \nIBM Security Guardium Insights| 2.0.1| [https://www.ibm.com/software/passportadvantage/?mhsrc=ibmsearch_a&amp;mhq=pasport%20advantage](<https://www.ibm.com/software/passportadvantage/?mhsrc=ibmsearch_a&mhq=pasport%20advantage>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-10-06T12:30:35", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium Insights is affected by Components with known vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16869", "CVE-2019-20444", "CVE-2019-20445", "CVE-2020-11612"], "modified": "2021-10-06T12:30:35", "id": "9D10729AB8873D23F2244363D8A1DDDC6F4683B3420052FC513112D30B8E6FC8", "href": "https://www.ibm.com/support/pages/node/6320057", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-24T05:43:45", "description": "## Summary\n\nNetty is vulnerable to security issues affecting the Rational Integration Tester HTTP/TCP Proxy component in Rational Test Virtualization Server and Rational Test Workbench \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-7238](<https://vulners.com/cve/CVE-2020-7238>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw when handling Transfer-Encoding whitespace and a later Content-Length header. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175398](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175398>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-16869](<https://vulners.com/cve/CVE-2019-16869>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw when handling unusual whitespaces before the colon in HTTP headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167672](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167672>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-20445](<https://vulners.com/cve/CVE-2019-20445>) \n** DESCRIPTION: **Netty could provide weaker than expected security, caused by non-proper handling of Content-Length and Transfer-Encoding in the HttpObjectDecoder.java. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175486](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175486>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-20444](<https://vulners.com/cve/CVE-2019-20444>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw in the HttpObjectDecoder.java. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175487](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175487>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nHTTP/TCP Proxy component in Rational Test Virtualization Server| 8.7.1.2, 9.0.1.1, 9.1.1.1, 9.2.1.1, 9.5.0, 10.0.2.0 \nHTTP/TCP Proxy component in Rational Test Workbench| 8.7.1.2, 9.0.1.1, 9.1.1.1, 9.2.1.1, 9.5.0, 10.0.2.0 \n \nAll versions prior to those shown are affected. Upgrade to the latest versions shown.\n\n \n\n\n## Remediation/Fixes\n\nUpgrade your installation by following the instructions below: \n\n 1. Verify the version of Rational Test Control Panel\n 2. Download the fix for your product from Fix Central, this can be obtained for either Rational Test Workbench or Rational Test Virtualization Server by selecting the product and relevant version before browsing for fixes. Select and download the 20200302-ifix for your selected product.\n 3. Stop the HTTP/TCP proxy. \n 4. Navigate to the existing Rational Test Control Panel installation \nThe default installation locations for these files are: \nWindows: `C:\\Program Files\\IBM\\RationalTestControlPanel\\ \n` AIX, Linux, Solaris: `/opt/IBM/RationalTestControlPanel/`\n 5. Copy the contents of the \"httptcp\" directory as a backup.\n 6. Unzip the download fix into the `RationalTestControlPanel` directory, overwriting the existing files. \n 7. Start the HTTP/TCP proxy. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-03-05T11:02:07", "type": "ibm", "title": "Security Bulletin: Rational Integration Tester HTTP/TCP Proxy component in Rational Test Virtualization Server and Rational Test Workbench affected by Netty vulnerabilities (CVE-2020-7238, CVE-2019-16869, CVE-2019-20445, CVE-2019-20444)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16869", "CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "modified": "2020-03-05T11:02:07", "id": "0DE3A792FAD190B8655979FB1A21DC1E0CA059ED9214541E3BEA65B864F0D32D", "href": "https://www.ibm.com/support/pages/node/5692628", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-06-07T21:47:23", "description": "## Summary\n\nNetty could provide various potential exploitable entry points icnluding weaker than expected security, netty-codec is vulnerable to a denial of service, and HTTP request smuggling\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-20445](<https://vulners.com/cve/CVE-2019-20445>) \n** DESCRIPTION: **Netty could provide weaker than expected security, caused by non-proper handling of Content-Length and Transfer-Encoding in the HttpObjectDecoder.java. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175486](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175486>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-37137](<https://vulners.com/cve/CVE-2021-37137>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not restrict the chunk length in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause excessive memory usage, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211779](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211779>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Empty Frame Flooding attack. By sending a stream of frames with an empty payload and without the end-of-stream flag, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-11612](<https://vulners.com/cve/CVE-2020-11612>) \n** DESCRIPTION: **Netty is vulnerable to a denial of service, caused by unbounded memory allocation while decoding a ZlibEncoded byte stream in the ZlibDecoders. By sending a large ZlibEncoded byte stream, a remote attacker could exploit this vulnerability to exhaust memory resources. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180530](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180530>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-7238](<https://vulners.com/cve/CVE-2020-7238>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw when handling Transfer-Encoding whitespace and a later Content-Length header. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175398](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175398>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-16869](<https://vulners.com/cve/CVE-2019-16869>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw when handling unusual whitespaces before the colon in HTTP headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167672](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167672>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-20444](<https://vulners.com/cve/CVE-2019-20444>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw in the HttpObjectDecoder.java. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175487](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175487>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-37136](<https://vulners.com/cve/CVE-2021-37136>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not allow size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211777](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211777>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Sterling Order Management| 10.0 \n \n\n\n## Remediation/Fixes\n\nOrder Management on premise release notes - <https://www.ibm.com/docs/en/order-management-sw/10.0?topic=software-fixes-by-fix-pack-version>\n\nFix Central Link (**FP details URL)**: \n[http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FSterling+Selling+and+Fulfillment+Foundation&amp;fixids=10.0.0.0-Sterling-SSFF-All-fp29-Installer&amp;source=SAR](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FSterling+Selling+and+Fulfillment+Foundation&fixids=10.0.0.0-Sterling-SSFF-All-fp29-Installer&source=SAR>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-10-20T18:47:42", "type": "ibm", "title": "Security Bulletin: IBM Sterling Order Management Netty 4.1.34 vulnerablity", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16869", "CVE-2019-20444", "CVE-2019-20445", "CVE-2019-9518", "CVE-2020-11612", "CVE-2020-7238", "CVE-2021-37136", "CVE-2021-37137"], "modified": "2022-10-20T18:47:42", "id": "E74C53C459F7FE1C89AE67FEC29B42B1B0BF95AA1A5FE3D3CA36BD71ABE75230", "href": "https://www.ibm.com/support/pages/node/6830983", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-27T17:46:49", "description": "## Summary\n\nVulnerabilities in Netty used by IBM Netcool Agile Service Manager have been identified. Netcool Agile Service Manager has addressed the CVE.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Reset Flood attack. By opening a number of streams and sending an invalid request over each stream, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Ping Flood attack. By sending continual pings to an HTTP/2 peer, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Empty Frame Flooding attack. By sending a stream of frames with an empty payload and without the end-of-stream flag, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Settings Flood attack. By sending a stream of SETTINGS frames to the peer, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Netcool Agile Service Manager| 1.1 \n| \n \n\n\n## Remediation/Fixes\n\nUpdate to IBM Netcool Agile Service Manager 1.1.7 which will be available on 20 March 2020. \n\nTo install Netcool\u00ae Agile Service Manager Version 1.1.7, you download the installation images from IBM\u00ae Passport Advantage\u00ae. You then follow standard installation procedures, whether you install a new instance of Agile Service Manager, or upgrade an existing version.\n\n# [Download Netcool Agile Service Manager v1.1.7 (updated 31 January 2020)](<http://www-01.ibm.com/support/docview.wss?uid=swg24043717>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-31T22:16:20", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Netty affect IBM Netcool Agile Service Manager", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9518"], "modified": "2020-03-31T22:16:20", "id": "9637EBA6484BD28F500A4FB042427C33540202FCFEE1C248C5FC5C788BB997D1", "href": "https://www.ibm.com/support/pages/node/6147975", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-24T05:44:00", "description": "## Summary\n\nNetty is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVE. Note that the usage of Netty within IBM Operations Analytics Predictive Insights is limited to the REST Mediation utility. If you do not use that utility then you are not affected by this bulletin.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Operations Analytics Predictive Insights| 1.3.6 \n \n\n\n## Remediation/Fixes\n\nApply 1.3.6 Interim Fix 2 or later \n[https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&amp;release=1.3.6](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&release=1.3.6>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-28T17:05:23", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in netty affect IBM Operations Analytics Predictive Insights (CVE-2019-9514, CVE-2019-9512, CVE-2019-9518, CVE-2019-9515)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9518"], "modified": "2020-02-28T17:05:23", "id": "2EA2C9FAC993C6AEC32EA8F89FBD4374B89508FE14BFE1942351C36F204DE9B5", "href": "https://www.ibm.com/support/pages/node/5277639", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-24T01:38:53", "description": "## Summary\n\nThere are vulnerabilities in Netty used by IBM Transparent Cloud Tiering. IBM Transparent Cloud Tiering has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n**DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n \n**CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n**DESCRIPTION: **Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n \n**CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n**DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n \n**CVEID: **[CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n**DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nTransparent Cloud Tiering 1.1.1.0 thru 1.1.3.10 \nTransparent Cloud Tiering 1.1.5.0 thru 1.1.7.2\n\n## Remediation/Fixes\n\nFor Transparent Cloud Tiering 1.1.1.0 thru 1.1.3.10 , apply Transparent Cloud Tiering 1.1.3.11 bundled with IBM Spectrum Scale V4.2.3.19 available from FixCentral at: \n\n[https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&amp;product=ibm/StorageSoftware/IBM+Spectrum+Scale&amp;release=4.2.3&amp;platform=All&amp;function=all](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&product=ibm/StorageSoftware/IBM+Spectrum+Scale&release=4.2.3&platform=All&function=all>)\n\nFor Transparent Cloud Tiering 1.1.5.0 thru 1.1.7.2, apply Transparent Cloud Tiering 1.1.7.3 bundled with IBM Spectrum Scale V5.0.4.1 available from FixCentral at:\n\n[https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&amp;product=ibm/StorageSoftware/IBM+Spectrum+Scale&amp;release=5.0.4&amp;platform=All&amp;function=all](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&product=ibm/StorageSoftware/IBM+Spectrum+Scale&release=5.0.3&platform=All&function=all>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-01-08T05:54:30", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Netty affect IBM Transparent Cloud Tiering", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9518"], "modified": "2020-01-08T05:54:30", "id": "EDBCE2D5797575D019533793BC0DBD438D1B65A6557C755729CCDB2B49BEFFB5", "href": "https://www.ibm.com/support/pages/node/1109781", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-07T21:59:32", "description": "## Summary\n\nNetty denial of service vulnerabilities affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center).\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Control| 5.3.0 - 5.3.3 \n \n\n\n## Remediation/Fixes\n\nThe solution is to apply an appropriate IBM Spectrum Control fix. Click on the download link and follow the Installation Instructions. The solution should be implemented as soon as practicable. \n\nStarting with 5.2.8, Tivoli Storage Productivity Center has been renamed to IBM Spectrum Control.\n\n**Release**| \n\n**First Fixing **\n\n**VRM Level**\n\n| **Link to Fix \n** \n---|---|--- \n5.3| 5.3.4| <http://www.ibm.com/support/docview.wss?uid=swg21320822#53_0> \n \n \n\n\n**Note:** It is always recommended to have a current backup before applying any update procedure. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-22T20:10:14", "type": "ibm", "title": "Security Bulletin: Netty vulnerabilities affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-9514, CVE-2019-9512, CVE-2019-9518, CVE-2019-9515)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9518"], "modified": "2022-02-22T20:10:14", "id": "8507B058C81047318472EE4CA22600AD2B6A70184CB90B2496F848C8119E7F48", "href": "https://www.ibm.com/support/pages/node/1172470", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-27T21:49:56", "description": "## Summary\n\nIBM Security Guardium has fixed this vulnerability \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-9547](<https://vulners.com/cve/CVE-2020-9547>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177103](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177103>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9548](<https://vulners.com/cve/CVE-2020-9548>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9546](<https://vulners.com/cve/CVE-2020-9546>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177102](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177102>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Security Guardium| 11.2 \n \n\n\n## Remediation/Fixes\n\nProduct| Versions| Fix \n---|---|--- \nIBM Security Guardium| 11.2| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Secur\u2026](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p215_Bundle_Sep-24-2020&includeSupersedes=0&source=fc>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-10-13T15:50:09", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium is affected by a jackson-databind vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "modified": "2020-10-13T15:50:09", "id": "BD73CB304818422172D48F1453A9EBB4A928DE6BC130FF8EE26D6D8B3208D65E", "href": "https://www.ibm.com/support/pages/node/6347600", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:52:27", "description": "## Summary\n\njackson-databind (Publicly disclosed vulnerability) found in Network Performance Insight \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-9547](<https://vulners.com/cve/CVE-2020-9547>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177103](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177103>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9548](<https://vulners.com/cve/CVE-2020-9548>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9546](<https://vulners.com/cve/CVE-2020-9546>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177102](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177102>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Network Performance Insight| 1.3 \nIBM Network Performance Insight| 1.3.1 \n \n\n\n## Remediation/Fixes\n\nFix of this vulnerability is addressed in following interim fix releases. \n\n1) NPI 1.3.1 \nInterim Fix Name: 1.3.1.0-TIV-NPI-IF0003 \nDirect Interim Fix URL: [http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FNetwork+Performance+Insight&amp;fixids=1.3.1.0-TIV-NPI-IF0003](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FNetwork+Performance+Insight&fixids=1.3.1.0-TIV-NPI-IF0003>)\n\n2) NPI 1.3 \nInterim Fix Name: 1.3.0.0-TIV-NPI-IF0007 \nDirect Interim Fix URL: [http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FNetwork+Performance+Insight&amp;fixids=1.3.0.0-TIV-NPI-IF0007&amp;source=SAR](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FNetwork+Performance+Insight&fixids=1.3.0.0-TIV-NPI-IF0007&source=SAR>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-08-04T18:51:02", "type": "ibm", "title": "Security Bulletin: jackson-databind (Publicly disclosed vulnerability) found in Network Performance Insight", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "modified": "2020-08-04T18:51:02", "id": "0379C9040F7E8982FD18FFF1727FD0676E6F3BCB92CA33BC6BBB1D9F7F79D8B4", "href": "https://www.ibm.com/support/pages/node/6256124", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T17:46:37", "description": "## Summary\n\nMultiple vulnerabilities exist in the Jackson databind, core, and annotations version used by IBM Spectrum Symphony V7.3, V7.2.1, V7.2.0.2, and V7.1.2, and IBM Platform Symphony V7.1.1 and V7.1 Fix Pack 1. Interim fixes that provide instructions on upgrading the Jackson databind, core, and annotations package to version 2.10.1 (which resolves these vulnerabilities) are available on IBM Fix Central. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-9547](<https://vulners.com/cve/CVE-2020-9547>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177103](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177103>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9548](<https://vulners.com/cve/CVE-2020-9548>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9546](<https://vulners.com/cve/CVE-2020-9546>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177102](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177102>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Spectrum Symphony| 7.3 \nIBM Spectrum Symphony| 7.2.1 \nIBM Spectrum Symphony| 7.2.0.2 \nIBM Spectrum Symphony| 7.1.2 \nIBM Platform Symphony| 7.1.1 \nIBM Platform Symphony| 7.1 Fix Pack 1 \n \n\n\n## Remediation/Fixes\n\nIBM Spectrum Symphony 7.3| [sym-7.3-build535377](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+Symphony&release=All&platform=All&function=fixId&fixids=sym-7.3-build535377&includeSupersedes=0>) \n---|--- \nIBM Spectrum Symphony 7.2.1| [sym-7.2.1-build535376](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+Symphony&release=All&platform=All&function=fixId&fixids=sym-7.2.1-build535376&includeSupersedes=0>) \nIBM Spectrum Symphony 7.2.0.2| [sym-7.2.0.2-build535375](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+Symphony&release=All&platform=All&function=fixId&fixids=sym-7.2.0.2-build535375&includeSupersedes=0>) \nIBM Spectrum Symphony 7.1.2| \n\n[sym-7.1.2-build535374](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+Symphony&release=All&platform=All&function=fixId&fixids=sym-7.1.2-build535374&includeSupersedes=0>) \n \nIBM Platform Symphony 7.1.1| [sym-7.1.1-build535373](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/Platform+Symphony&release=All&platform=All&function=fixId&fixids=sym-7.1.1-build535373&includeSupersedes=0>) \nIBM Platform Symphony 7.1 Fix Pack 1| [sym-7.1-build535372](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/Platform+Symphony&release=All&platform=All&function=fixId&fixids=sym-7.1-build535372&includeSupersedes=0>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-10T01:55:37", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in jackson-databind affect IBM Platform Symphony and IBM Spectrum Symphony", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "modified": "2020-04-10T01:55:37", "id": "CADD0A9E8A680423FD0A81161E62A65738EA5B5EF30BB7A2C437B73EE05D82D8", "href": "https://www.ibm.com/support/pages/node/6174489", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-24T05:44:32", "description": "## Summary\n\nIBM Worklight/MobileFoundation has addressed the following vulnerability. WebSphere Liberty susceptible to HTTP2 implementation vulnerablility.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Settings Flood attack. By sending a stream of SETTINGS frames to the peer, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Empty Frame Flooding attack. By sending a stream of frames with an empty payload and without the end-of-stream flag, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9517](<https://vulners.com/cve/CVE-2019-9517>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by an Internal Data Buffering attack. By opening the HTTP/2 window so the peer can send without constraint and sending a stream of requests for a large response object, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165183](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165183>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Ping Flood attack. By sending continual pings to an HTTP/2 peer, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Reset Flood attack. By opening a number of streams and sending an invalid request over each stream, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9513](<https://vulners.com/cve/CVE-2019-9513>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Resource Loop attack. By creating multiple request streams and continually shuffling the priority of the streams, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM MobileFirst Platform Foundation | 7.1.0.0 - using the scripts (BYOL) \nIBM MobileFirst Foundation | 8.0.0.0 - ICP, IKS or using the scripts (BYOL) \n \n## Remediation/Fixes\n\n**Product** | **VRMF** | **Remediation/First Fix** \n---|---|--- \nIBM MobileFirst Platform Foundation | 7.1.0.0 | Download the iFix from [IBM MobileFirst Platform Foundation on FixCentral](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+MobileFirst+Platform+Foundation&fixids=7.1.0.0-MFPF-IF202001091150&source=SAR> \"IBM MobileFirst Platform Foundation on FixCentral\" ) \nIBM MobileFirst Platform Foundation | 8.0.0.0 | Download the iFix from [IBM MobileFirst Platform Foundation on FixCentral](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+MobileFirst+Platform+Foundation&fixids=8.0.0.0-MFPF-IF202001211306&source=SAR> \"IBM MobileFirst Platform Foundation on FixCentral\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-22T10:34:59", "type": "ibm", "title": "Security Bulletin: WebSphere Liberty susceptible to HTTP2 implementation vulnerablility.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2020-02-22T10:34:59", "id": "97843D709F3A1D21B079AF090609D06C8232BD6B0AF9C686DC60FF6355F3EF04", "href": "https://www.ibm.com/support/pages/node/3285615", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-24T01:38:58", "description": "## Summary\n\nIBM Cloud Private is vulnerable to IBM WebSphere Application Server Liberty vulnerabilities\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9517](<https://vulners.com/cve/CVE-2019-9517>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165183](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165183>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9513](<https://vulners.com/cve/CVE-2019-9513>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Private| 3.2.1 CD \nIBM Cloud Private| 3.2.0 CD \n \n\n\n## Remediation/Fixes\n\nProduct defect fixes and security updates are only available for the two most recent Continuous Delivery (CD) update packages \n\n * IBM Cloud Private 3.2.0\n * IBM Cloud Private 3.2.1\n\nFor IBM Cloud Private 3.2.0, apply November fix pack:\n\n * [IBM Cloud Private 3.2.0.1911 fix pack](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FWebSphere%2FIBM+Cloud+Private&fixids=icp-3.2.0.1911-build537047-33559&source=myna&myns=swgother&mynp=OCSSBS6K&mync=E&cm_sp=swgother-_-OCSSBS6K-_-E&function=fixId&parent=ibm/WebSphere> \"IBM Cloud Private 3.2.0.1911 fix pack\" )\n\nFor IBM Cloud Private 3.2.1, apply November fix pack:\n\n * [IBM Cloud Private 3.2.1.1911 fix pack](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FWebSphere%2FIBM+Cloud+Private&fixids=icp-3.2.1.1911-build537046-33560&source=myna&myns=swgother&mynp=OCSSBS6K&mync=E&cm_sp=swgother-_-OCSSBS6K-_-E&function=fixId&parent=ibm/WebSphere> \"IBM Cloud Private 3.2.1.1911 fix pack\" )\n \n\n\nFor IBM Cloud Private 3.1.0, 3.1.1, 3.1.2: \n\n * Upgrade to the latest Continuous Delivery (CD) update package, IBM Cloud Private 3.2.1. \n * If required, individual product fixes can be made available between CD update packages for resolution of problems. Contact IBM support for assistance\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-30T16:21:57", "type": "ibm", "title": "Security Bulletin: IBM Cloud Private is vulnerable to IBM WebSphere Application Server Liberty vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2019-12-30T16:21:57", "id": "89B069E991BD00EAC14F399834EE2BC60C62E828E55A6A24AFFA5A3369CC3023", "href": "https://www.ibm.com/support/pages/node/1165852", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-24T01:38:55", "description": "## Summary\n\nThere are multiple vulnerabilities in IBM WebSphere Liberty that affect IBM WIoTP MessageGateway.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9517](<https://vulners.com/cve/CVE-2019-9517>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165183](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165183>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9513](<https://vulners.com/cve/CVE-2019-9513>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM WIoTP MessageGateway| 5.0.0.1 \nIBM IoT MessageSight| 5.0.0.0 \nIBM IoT MessageSight| 2.0 \n \n\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \n_IBM WIoTP MessageGateway_| \n\n_5.0.0.2_\n\n| \n\n_IT31139_\n\n| [_5.0.0.2-IBM-IMA-IFIT31139_](<https://www.ibm.com/support/pages/node/1142656>) \n_IBM MessageSight_| \n\n_5.0.0.0_\n\n| \n\n_IT31139_\n\n| [_5.0.0.0-IBM-IMA-IFIT31139_](<https://www.ibm.com/support/pages/node/1142680>) \n_IBM MessageSight_| \n\n_2.0.0.2_\n\n| \n\n_IT31139_\n\n| [_2.0.0.2-IBM-IMA-IFIT31139_](<https://www.ibm.com/support/pages/node/1142686>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-01-03T21:21:12", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in Liberty affect IBM WIoTP MessageGateway", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2020-01-03T21:21:12", "id": "413EFD2051B06CEFCDFB6A85E56D412853059B72C27BDAC4B5D06E384C0A787D", "href": "https://www.ibm.com/support/pages/node/1167898", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-24T05:46:33", "description": "## Summary\n\nWebSphere Liberty susceptible to HTTP2 implementation vulnerabilities\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9517](<https://vulners.com/cve/CVE-2019-9517>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165183](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165183>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9513](<https://vulners.com/cve/CVE-2019-9513>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**\n\n| \n\n**Version(s)** \n \n---|--- \n \nIBM Control Center\n\n| \n\n6.0.0.0 through 6.0.0.2 iFix08 \n \nIBM Control Center\n\n| \n\n6.1.0.0 through 6.1.2.1 iFix01 \n \n \n\n\n## Remediation/Fixes\n\n**Product**\n\n| \n\n**VRMF**\n\n| \n\n**iFix**\n\n| \n\n**Remediation** \n \n---|---|---|--- \n \nIBM Control Center\n\n| \n\n6.0.0.2\n\n| \n\niFix09\n\n| \n\n[Fix Central - 6.0.0.2](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&product=ibm/Other+software/Sterling+Control+Center&release=6.0.0.2&platform=All&function=all>) \n \nIBM Control Center\n\n| \n\n6.1.2.1\n\n| \n\niFix02\n\n| \n\n[Fix Central - 6.1.2.1](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&product=ibm/Other+software/Sterling+Control+Center&release=6.1.2.1&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-01-28T21:55:07", "type": "ibm", "title": "Security Bulletin: Multiple Websphere to HTTP2 implementation vulnerabilities affect IBM Control Center", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2020-01-28T21:55:07", "id": "6AC8F8C50686802A05555281D5D05D5AB8997C027EADF699A3A6C4352B28516B", "href": "https://www.ibm.com/support/pages/node/1284550", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-27T17:47:29", "description": "## Summary\n\nIBM Cloud Transformation Advisor has addressed following vulnerabilities: CVE-2019-9515, CVE-2019-9518, CVE-2019-9517, CVE-2019-9512, CVE-2019-9514, CVE-2019-9513\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Settings Flood attack. By sending a stream of SETTINGS frames to the peer, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Empty Frame Flooding attack. By sending a stream of frames with an empty payload and without the end-of-stream flag, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9517](<https://vulners.com/cve/CVE-2019-9517>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by an Internal Data Buffering attack. By opening the HTTP/2 window so the peer can send without constraint and sending a stream of requests for a large response object, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165183](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165183>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Ping Flood attack. By sending continual pings to an HTTP/2 peer, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Reset Flood attack. By opening a number of streams and sending an invalid request over each stream, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9513](<https://vulners.com/cve/CVE-2019-9513>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Resource Loop attack. By creating multiple request streams and continually shuffling the priority of the streams, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Transformation Advisor| 2.0.2 \n \n\n\n## Remediation/Fixes\n\nUpgrade to 2.0.3 or later\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-19T18:41:30", "type": "ibm", "title": "Security Bulletin: IBM Cloud Transformation Advisor is affected by vulnerabilities in WebSphere Application Server Liberty (CVE-2019-9515, CVE-2019-9518, CVE-2019-9517, CVE-2019-9512, CVE-2019-9514, CVE-2019-9513)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2020-03-19T18:41:30", "id": "71525D0BC11FF3C2AE36A5A8748786A694B3AD31C21D312B76C386103E66D0D0", "href": "https://www.ibm.com/support/pages/node/6100198", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-24T05:43:35", "description": "## Summary\n\nThere are multiple vulnerabilities in the WebSphere Application Server Liberty HTTP/2 implementation that is used by Watson Knowledge Catalog for IBM Cloud Pak for Data. This affects various Watson Knowledge Catalog services. These vulnerabilities have been addressed.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Settings Flood attack. By sending a stream of SETTINGS frames to the peer, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Empty Frame Flooding attack. By sending a stream of frames with an empty payload and without the end-of-stream flag, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9517](<https://vulners.com/cve/CVE-2019-9517>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by an Internal Data Buffering attack. By opening the HTTP/2 window so the peer can send without constraint and sending a stream of requests for a large response object, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165183](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165183>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Ping Flood attack. By sending continual pings to an HTTP/2 peer, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Reset Flood attack. By opening a number of streams and sending an invalid request over each stream, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9513](<https://vulners.com/cve/CVE-2019-9513>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Resource Loop attack. By creating multiple request streams and continually shuffling the priority of the streams, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nWatson Knowledge Catalog for IBM Cloud Pak for Data| 2.5 \n \n\n\n## Remediation/Fixes\n\nInstall wkc-patch-3.0.0.3 for IBM Cloud Pak for Data. \n\nContact IBM support for more details.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-11T15:28:43", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in HTTP/2 implementation used by Watson Knowledge Catalog for IBM Cloud Pak for Data", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2020-03-11T15:28:43", "id": "0AF0D1ABD7511641350D2C0A10AF6B5BB4A0ABFC6C05902B5F1C5E07C1566C95", "href": "https://www.ibm.com/support/pages/node/5695545", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-24T01:38:03", "description": "## Summary\n\nSeveral issues were reported against the HTTP/2 implementation used by IBM WebSphere Application Server Liberty Profile which is used to host the IBM MQ Console and REST API.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n**DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n** CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n**DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n** CVEID: **[CVE-2019-9517](<https://vulners.com/cve/CVE-2019-9517>) \n**DESCRIPTION: **Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165183](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165183>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n** CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n**DESCRIPTION: **Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n** CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n**DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n** CVEID: **[CVE-2019-9513](<https://vulners.com/cve/CVE-2019-9513>) \n**DESCRIPTION: **Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM MQ Appliance | 8.0 \nIBM MQ and IBM MQ Appliance | 9.1 LTS \nIBM MQ and IBM MQ Appliance | 9.1 CD \n \n## Remediation/Fixes\n\n**IBM MQ Appliance V8** \nApply [FixPack 8.0.0.14](<https://www.ibm.com/support/pages/node/1282120>) \n \n**IBM MQ and IBM MQ Appliance V9.1 LTS** \nApply [FixPack 9.1.0.4](<https://www.ibm.com/support/pages/downloading-ibm-mq-version-9104>) \n \n**IBM MQ and IBM MQ Appliance V9.1 CD** \nUpgrade to [IBM MQ 9.1.4](<https://www.ibm.com/support/pages/downloading-ibm-mq-version-914-continuous-delivery>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-28T12:25:31", "type": "ibm", "title": "Security Bulletin: IBM MQ Console and REST API are vulnerable to multiple Denial of service attacks within HTTP/2 (CVE-2019-9515, CVE-2019-9518, CVE-2019-9517, CVE-2019-9514, CVE-2019-9512, CVE-2019-9513)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2020-02-28T12:25:31", "id": "9A96669F651314B055987343933B2F58BB66C71D7B13E3E61735C74B9F85DCFD", "href": "https://www.ibm.com/support/pages/node/1106055", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-24T05:46:29", "description": "## Summary\n\nAsset Analyzer (RAA) has addressed the following Websphere Application Server vulnerabilities. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9517](<https://vulners.com/cve/CVE-2019-9517>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165183](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165183>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9513](<https://vulners.com/cve/CVE-2019-9513>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nAsset Analyzer (RAA)| 6.0.0.0 - 6.0.0.22 \n \n\n\n## Remediation/Fixes\n\nProduct| VRMF| APAR| Remediation / First Fix \n---|---|---|--- \nRational Asset Analyzer| 6.1.0.23| None| [RAA 6.1.0.23](<https://www.ibm.com/support/pages/fix-list-rational-asset-analyzer>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-01-31T17:16:54", "type": "ibm", "title": "Security Bulletin: Rational Asset Analyzer is affected by a WebSphere Application Server vulnerability.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2020-01-31T17:16:54", "id": "BAA73579218EAF992EC9ED8D793E7E82890C87BD059F752A5C63A36CAA54386B", "href": "https://www.ibm.com/support/pages/node/1288210", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-23T21:42:45", "description": "## Summary\n\nThere are multiple vulnerabilities in the HTTP/2 implementation that is used by WebSphere Application Server Liberty. This affects the servlet-4.0 and servlet-3.1 features. These vulnerabilities have been addressed.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n**DESCRIPTION:** Multiple vendors are vulnerable to a denial of service, caused by a Empty Frame Flooding attack. By sending a stream of frames with an empty payload and without the end-of-stream flag, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/164904> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2019-9517](<https://vulners.com/cve/CVE-2019-9517>) \n**DESCRIPTION:** Multiple vendors are vulnerable to a denial of service, caused by an Internal Data Buffering attack. By opening the HTTP/2 window so the peer can send without constraint and sending a stream of requests for a large response object, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/165183> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n**DESCRIPTION:** Multiple vendors are vulnerable to a denial of service, caused by a Settings Flood attack. By sending a stream of SETTINGS frames to the peer, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/165181> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n**DESCRIPTION:** Multiple vendors are vulnerable to a denial of service, caused by a Reset Flood attack. By opening a number of streams and sending an invalid request over each stream, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/164640> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2019-9513](<https://vulners.com/cve/CVE-2019-9513>) \n**DESCRIPTION:** Multiple vendors are vulnerable to a denial of service, caused by a Resource Loop attack. By creating multiple request streams and continually shuffling the priority of the streams, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/164639> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n**DESCRIPTION:** Multiple vendors are vulnerable to a denial of service, caused by a Ping Flood attack. By sending continual pings to an HTTP/2 peer, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/164903> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nThese vulnerabilities affect the following versions and releases of IBM WebSphere Application Server:\n\n * Liberty 18.0.0.2 - 19.0.0.9\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the interim fix, Fix Pack or PTF containing the APAR for each named product as soon as practical.\n\n**For WebSphere Application Server Liberty** **using servlet-4.0 or servlet-3.1**** feature:**\n\n\u00b7 Upgrade to minimal fix pack levels as required by interim fix and then apply Interim Fix [PH16611 ](<https://www.ibm.com/support/pages/node/1086897>) \n\\--OR-- \n\u00b7 Apply Fix Pack 19.0.0.10 or later (targeted availability 4Q2019).\n\nAdditional interim fixes may be available and linked off the interim fix download page.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-10-14T16:06:27", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in HTTP/2 implementation used by WebSphere Application Server Liberty", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2019-10-14T16:06:27", "id": "A364D6B382E97F9FDC09D590395E985715FD9927D26F193255B81A2C9A6502FE", "href": "https://www.ibm.com/support/pages/node/1072860", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-23T21:44:01", "description": "## Summary\n\nManaged Istio (Beta) on IBM Cloud Kubernetes Service is affected by Envoy security vulnerabilities that can result in a denial-of-service attack (CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518 and CVE-2019-15225).\n\n## Vulnerability Details\n\nCVE-ID: [CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \nDescription: Multiple vendors are vulnerable to a denial of service, caused by a Ping Flood attack. By sending continual pings to an HTTP/2 peer, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/164903> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\nCVE-ID: [CVE-2019-9513](<https://vulners.com/cve/CVE-2019-9513>) \nDescription: Multiple vendors are vulnerable to a denial of service, caused by a Resource Loop attack. By creating multiple request streams and continually shuffling the priority of the streams, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/164639> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\nCVE-ID: [CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \nDescription: Multiple vendors are vulnerable to a denial of service, caused by a Reset Flood attack. By opening a number of streams and sending an invalid request over each stream, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/164640> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\nCVE-ID: [CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \nDescription: Multiple vendors are vulnerable to a denial of service, caused by a Settings Flood attack. By sending a stream of SETTINGS frames to the peer, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/165181> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\nCVE-ID: [CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \nDescription: Multiple vendors are vulnerable to a denial of service, caused by a Empty Frame Flooding attack. By sending a stream of frames with an empty payload and without the end-of-stream flag, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/164904> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\nCVE-ID: [CVE-2019-15225](<https://vulners.com/cve/CVE-2019-15225>) \nDescription: Envoy is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted request with long URL, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/165554> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM Cloud Kubernetes Service 1.13 and above with Managed Istio (Beta) 1.2.4 and lower enabled.\n\n## Remediation/Fixes\n\nUpdates for the Managed Istio (Beta) add-on are available that fix these vulnerabilities. \n\n\nUse the following IBM Cloud CLI command to confirm the currently running version of Managed Istio (Beta) enabled in a cluster:\n \n \n ibmcloud ks cluster-addons <cluster-name>\n \n\nUpgrade to Managed Istio (Beta) 1.2.5 or later, by following the [Istio Update instructions](<https://cloud.ibm.com/docs/containers?topic=containers-istio#istio_update>).\n\n## Monitor IBM Cloud Status for Future Security Bulletins\n\nMonitor the [security notifications](<https://cloud.ibm.com/status?selected=security>) on the IBM Cloud Status page to be advised of future security bulletins.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\nCreated draft bulletin for PSIRT record 142166 and 143096\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nReview the [IBM security bulletin disclaimer and definitions](<https://www.ibm.com/support/pages/node/6610583#disclaimer>) regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSJTBP\",\"label\":\"IBM Cloud Kubernetes Service\"},\"Component\":\"Istio\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB21\",\"label\":\"Public Cloud Platform\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-12T12:06:39", "type": "ibm", "title": "Security Bulletin: Managed Istio (Beta) on IBM Cloud Kubernetes Service is affected by Envoy security vulnerabilities (CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518 and CVE-2019-15225)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15225", "CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9518"], "modified": "2019-09-12T12:06:39", "id": "6333F0A32398D30524C10CF8627B6258A5C4483AF088DB24CBDE988CA4E126E6", "href": "https://www.ibm.com/support/pages/node/1072708", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-27T17:47:00", "description": "## Summary\n\nWebSphere Liberty susceptible to HTTP2 implementation vulnerabilities\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Settings Flood attack. By sending a stream of SETTINGS frames to the peer, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Empty Frame Flooding attack. By sending a stream of frames with an empty payload and without the end-of-stream flag, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9517](<https://vulners.com/cve/CVE-2019-9517>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by an Internal Data Buffering attack. By opening the HTTP/2 window so the peer can send without constraint and sending a stream of requests for a large response object, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165183](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165183>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Ping Flood attack. By sending continual pings to an HTTP/2 peer, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Reset Flood attack. By opening a number of streams and sending an invalid request over each stream, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-9513](<https://vulners.com/cve/CVE-2019-9513>) \n** DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Resource Loop attack. By creating multiple request streams and continually shuffling the priority of the streams, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nNovaLink| 1.0.0.13 \nNovaLink| 1.0.0.15 \n \n\n\n## Remediation/Fixes\n\nFixes are available on latest supported Novalink version 1.0.0.16 \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-26T12:19:25", "type": "ibm", "title": "Security Bulletin: WebSphere Liberty susceptible to HTTP2 implementation vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2020-03-26T12:19:25", "id": "0C931C8FB3337ADB707B8C54D7D2E65C09B2A9067AF3442FB5EDF49ED471F44A", "href": "https://www.ibm.com/support/pages/node/6120651", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-24T05:42:23", "description": "## Summary\n\nThere are multiple vulnerabilities in IBM\u00ae WebSphere Liberty ,Version 8.5.5.8 used by IBM Tivoli Application Dependency Discovery Manager (TADDM)\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Settings Flood attack. By sending a stream of SETTINGS frames to the peer, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Empty Frame Flooding attack. By sending a stream of frames with an empty payload and without the end-of-stream flag, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9517](<https://vulners.com/cve/CVE-2019-9517>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by an Internal Data Buffering attack. By opening the HTTP/2 window so the peer can send without constraint and sending a stream of requests for a large response object, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165183](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165183>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Ping Flood attack. By sending continual pings to an HTTP/2 peer, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Reset Flood attack. By opening a number of streams and sending an invalid request over each stream, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9513](<https://vulners.com/cve/CVE-2019-9513>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Resource Loop attack. By creating multiple request streams and continually shuffling the priority of the streams, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM Tivoli Application Dependency Discovery Manager | 7.3.0.5 - 7.3.0.7 \n \n## Remediation/Fixes\n\nIn order to fix this vulnerability, Liberty was upgraded from 8.5.5.8 to 20.0.0.1. This upgrade is now available as part of TADDM 7.3.0.7 (TIV-ITADDM-FP0007) release.\n\nFor download of the FixPack, please refer the below FixCentral Link : \n\nDownload Link : [FixCentral](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FTivoli+Application+Dependency+Discovery+Manager&fixids=7.3-TIV-ITADDM-FP0007&source=SAR> \"FixCentral\" )\n\n**Fix** | **VRMF** | **APAR** | **How to acquire fix** \n---|---|---|--- \nefix_WLP_PSIRT_20001_FP5180802.zip | 7.3.0.5 | None | [Download eFix](<https://www.secure.ecurep.ibm.com/download/?id=VfcOQ8sCje6SJgjgz0F4lrr5GpDAaeM315TgIPim1iI>) \nefix_WLP_PSIRT_20001_FP6190313.zip | 7.3.0.6 | None | [Download eFix](<https://www.secure.ecurep.ibm.com/download/?id=QOSpQ0GKgpygaBeViFDKCQ2pltAUCGt2pQH7HYlhcVk>) \n \n**_Note:_**\n\n * Before TADDM 7.3.0.5, Java 7 was used and the upgraded Liberty version 20.0.0.1 requires Java8. Hence, no eFix can be provided for versions before 7.3.0.5\n\n * There are 4 Security Bulletins of WAS Liberty, which provide the same efix for remediation as they all require an upgrade to WAS Liberty 20.0.0.1. An efix of any of these bulletins can be applied. The bulletins for reference are as follows: \n * [Security Bulletin: Bypass security restrictions in WAS Liberty](<https://www.ibm.com/support/pages/node/5693193>)\n * [Security Bulletin: Cookie created without secure flag WAS Liberty](<https://www.ibm.com/support/pages/node/5693217>)\n * [Security Bulletin: WebSphere Liberty susceptible to HTTP2 implementation vulnerabilities](<https://www.ibm.com/support/pages/node/5691194>)\n * [Security Bulletin: Stack is displayed in WebSphere Application Server](<https://www.ibm.com/support/pages/node/5693223>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-05-22T17:31:17", "type": "ibm", "title": "Security Bulletin: WebSphere Liberty susceptible to HTTP2 implementation vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2020-05-22T17:31:17", "id": "B3F4AA1A1992E6D3190AE7943B4F2C3504BE89943C73FA50CD108D6F916DEA0B", "href": "https://www.ibm.com/support/pages/node/5691194", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-24T05:46:28", "description": "## Summary\n\nRational Asset Analyzer (RAA) has addressed the following WebSphere Application Server vulnerabilities.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9517](<https://vulners.com/cve/CVE-2019-9517>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165183](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165183>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9513](<https://vulners.com/cve/CVE-2019-9513>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nAsset Analyzer (RAA)| 6.0.0.0 - 6.0.0.22 \n \n\n\n## Remediation/Fixes\n\nProduct| VRMF| APAR| Remediation / First Fix \n---|---|---|--- \nRational Asset Analyzer| 6.1.0.23| None| [RAA 6.1.0.23](<https://www.ibm.com/support/pages/fix-list-rational-asset-analyzer>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-01-31T17:21:24", "type": "ibm", "title": "Security Bulletin: Rational Asset Analyzer (RAA) is affected by several WebSphere Application Server vulnerabilities.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2020-01-31T17:21:24", "id": "17167E9B7772FCC3C13341661C717A788FBA9411691E4C6CEEBFD6C6E3A96690", "href": "https://www.ibm.com/support/pages/node/1288228", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-07T21:47:54", "description": "## Summary\n\nThere are multiple vulnerabilities in the HTTP/2 implementation that is used by WebSphere Application Server Liberty. This affects the servlet-4.0 and servlet-3.1 features. These vulnerabilities have been addressed.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9517](<https://vulners.com/cve/CVE-2019-9517>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165183](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165183>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n** CVEID: **[CVE-2019-9513](<https://vulners.com/cve/CVE-2019-9513>) \n** DESCRIPTION: **Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nLiberty for Java| 3.37 \n \n\n\n## Remediation/Fixes\n\nTo upgrade to Liberty for v3.39-20191121-1047 or higher, you must re-stage or re-push your application. \n\nTo find the current version of Liberty for Java in IBM Cloud being used, from the command-line Cloud Foundry client by running the following commands:\n\ncf ssh &lt;appname&gt; -c cat \"staging_info.yml\"\n\nLook for the following lines:\n\n{\"detected_buildpack\":\"Liberty for Java(TM) (WAR, liberty-18.0.0_3, buildpack-v3.25-20180918-1034, ibmjdk-1.8.0_20180214, env)\",\"start_command\":\".liberty/initial_startup.rb\"} \n\nTo re-stage your application using the command-line Cloud Foundry client, use the following command:\n\ncf restage &lt;appname&gt;\n\nTo re-push your application using the command-line Cloud Foundry client, use the following command:\n\ncf push &lt;appname&gt;\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-10-07T16:01:56", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in HTTP/2 implementation used by Liberty for Java for IBM Cloud", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2022-10-07T16:01:56", "id": "59A24344B16F41FDA29E13AC82F85E48C72A67AD619672DE0CAC8898427FEE09", "href": "https://www.ibm.com/support/pages/node/1128387", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-27T17:43:23", "description": "## Summary\n\nThis security bulletin addresses the vulnerabilities in Open Source Apache CXF that affect IBM Tivoli Application Dependency Discovery Manager.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-12423](<https://vulners.com/cve/CVE-2019-12423>) \n**DESCRIPTION: **Apache CXF could allow a remote attacker to obtain sensitive information, caused by a flaw when ships with OpenId Connect JWK Keys service. By accessing the JWK keystore file, an attacker could exploit this vulnerability to obtain the public keys in JWK format, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/174688](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174688>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n**CVEID: **[CVE-2019-17573](<https://vulners.com/cve/CVE-2019-17573>) \n**DESCRIPTION: **Apache CXF is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the services listing page. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/174689](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174689>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)** | **Version(s)** \n---|--- \nIBM Tivoli Application Dependency Discovery Manager | 7.3.0.0 - 7.3.0.7 \n \n## Remediation/Fixes\n\n**Fix** | **VRMF** | **APAR** | **How to acquire fix** \n---|---|---|--- \nefix_TADDM7307_CXF3212_FP7200218.zip | 7.3.0.5 - 7.3.0.7 | None | [Download eFix](<https://www.secure.ecurep.ibm.com/download/?id=tW6TaLNSkssKVXDLIBe7yBxXyEKOoI9YdNtdmm8h4xA> \"Download eFix\" ) \n \nNote: Before TADDM 7.3.0.5, Java 7 was used and this CXF fix is applicable to Java8. Hence, no eFix can be provided for versions before 7.3.0.5.\n\n## Workarounds and Mitigations\n\nFor customers on TADDM FixPack 3 or FixPack 4, recommendation is to upgrade to the latest version and then apply the efix directly.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-04-13T13:29:07", "type": "ibm", "title": "Security Bulletin: Multiple Apache CXF vulnerabilities identified in IBM Tivoli Application Dependency Discovery Manager.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12423", "CVE-2019-17573"], "modified": "2021-04-13T13:29:07", "id": "D3DCE49F85FE68AF51C5D2B463504D5A7870D422F5ACFC1E2C0DCB64F7543F5E", "href": "https://www.ibm.com/support/pages/node/6190485", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-27T21:55:27", "description": "## Summary\n\nNetty is used by IBM Spectrum Scale Transparent Cloud Tiering. IBM Spectrum Scale Transparent Cloud Tiering has addressed the applicable CVE.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11612](<https://vulners.com/cve/CVE-2020-11612>) \n** DESCRIPTION: **Netty is vulnerable to a denial of service, caused by unbounded memory allocation while decoding a ZlibEncoded byte stream in the ZlibDecoders. By sending a large ZlibEncoded byte stream, a remote attacker could exploit this vulnerability to exhaust memory resources. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180530](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180530>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \ngpfs.tct.server| 1.1.2 \ngpfs.tct.server| 1.1.6 \ngpfs.tct.server| 1.1.1 \ngpfs.tct.server| 1.1.5 \ngpfs.tct.server| 1.1.7 \ngpfs.tct.server| 1.1.3 \n \n\n\n## Remediation/Fixes\n\nFor Transparent Cloud Tiering 1.1.1.0 thru 1.1.7.4, apply Transparent Cloud Tiering 1.1.8.0 bundled with IBM Spectrum Scale V5.0.5.0 available from Fix Central at: \n\n[https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&amp;product=ibm/StorageSoftware/IBM+Spectrum+Scale&amp;release=5.0.5&amp;platform=All&amp;function=all](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&product=ibm/StorageSoftware/IBM+Spectrum+Scale&release=5.0.5&platform=All&function=all>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-05-26T15:39:38", "type": "ibm", "title": "Security Bulletin: A vulnerability in netty affects IBM Spectrum Scale Transparent Cloud Tiering(CVE-2020-7238)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11612", "CVE-2020-7238"], "modified": "2020-05-26T15:39:38", "id": "46F19B07C11D71E357D28FD4B0BFDE347B5C2272A359685427860584D313AC3E", "href": "https://www.ibm.com/support/pages/node/6216871", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-27T21:49:58", "description": "## Summary\n\nIBM Security Guardium Insights has addressed the following vulnerability\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-20445](<https://vulners.com/cve/CVE-2019-20445>) \n**DESCRIPTION: **Netty could provide weaker than expected security, caused by non-proper handling of Content-Length and Transfer-Encoding in the HttpObjectDecoder.java. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175486](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175486>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2019-20444](<https://vulners.com/cve/CVE-2019-20444>) \n**DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw in the HttpObjectDecoder.java. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175487](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175487>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nInitial Release | 2.0.0 \n \n## Remediation/Fixes\n\n**Product**\n\n| \n\n**VRMF**\n\n| \n\n**Remediation / First Fix** \n \n---|---|--- \nIBM Security Guardium Insights | 2.0.1 | [https://www.ibm.com/software/passportadvantage/?mhsrc=ibmsearch_a&amp;mhq=pasport%20advantage](<https://www.ibm.com/software/passportadvantage/?mhsrc=ibmsearch_a&mhq=pasport%20advantage>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-10-09T19:48:10", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium Insights is affected by a Netty vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20444", "CVE-2019-20445"], "modified": "2020-10-09T19:48:10", "id": "FBF04463FD979054AD645A3FD172D5826C3ABE6D6D2F80B590982B60B574F03D", "href": "https://www.ibm.com/support/pages/node/6214358", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-27T21:50:35", "description": "## Summary\n\nSecurity vulnerabilities affect IBM Cloud Private \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-20445](<https://vulners.com/cve/CVE-2019-20445>) \n** DESCRIPTION: **Netty could provide weaker than expected security, caused by non-proper handling of Content-Length and Transfer-Encoding in the HttpObjectDecoder.java. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175486](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175486>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-20444](<https://vulners.com/cve/CVE-2019-20444>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw in the HttpObjectDecoder.java. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175487](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175487>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Private| 3.2.1 CD \nIBM Cloud Private| 3.2.2 CD \n \n\n\n## Remediation/Fixes\n\nProduct defect fixes and security updates are only available for the two most recent Continuous Delivery (CD) update packages \n\n * IBM Cloud Private 3.2.1\n * IBM Cloud Private 3.2.2\n\nFor IBM Cloud Private 3.2.1, apply Aug fix pack:\n\n * [IBM Cloud Private 3.2.1.2008](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.2.1.2008-build559105-39042&includeSupersedes=0> \"IBM Cloud Private 3.2.1.2008\" )\n\nFor IBM Cloud Private 3.2.2, apply Aug fix pack:\n\n * [IBM Cloud Private 3.2.2.2008](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.2.2.2008-build559106-39079&includeSupersedes=0> \"IBM Cloud Private 3.2.2.2008\" )\n\nFor IBM Cloud Private 3.1.0, 3.1.1, 3.1.2, 3.2.0:\n\n * Upgrade to the latest Continuous Delivery (CD) update package, IBM Cloud Private 3.2.2.2008. \n * If required, individual product fixes can be made available between CD update packages for resolution of problems. Contact IBM support for assistance\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-09-27T17:34:59", "type": "ibm", "title": "Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - Netty (CVE-2019-20445, CVE-2019-20444)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20444", "CVE-2019-20445"], "modified": "2020-09-27T17:34:59", "id": "3406F3BF171E35059DD6F774A38295A04425479DF9DD7838A3961F77179002A0", "href": "https://www.ibm.com/support/pages/node/6338533", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-27T17:47:24", "description": "## Summary\n\nNetty is a dependency component shipped with the IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library for Message Bus Integration. Information about security vulnerabilities affecting Netty has been published. (CVE-2019-20445, CVE-2019-20444)\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-20445](<https://vulners.com/cve/CVE-2019-20445>) \n** DESCRIPTION: **Netty could provide weaker than expected security, caused by non-proper handling of Content-Length and Transfer-Encoding in the HttpObjectDecoder.java. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175486](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175486>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-20444](<https://vulners.com/cve/CVE-2019-20444>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw in the HttpObjectDecoder.java. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175487](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175487>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Tivoli Netcool/OMNIbus Integration - Transport Module Common Integration Library| common-transportmodule-12_0 up to and including common-transportmodule-23_0 \n \n\n\n## Remediation/Fixes\n\nUpdated Product(s)| Version(s) \n---|--- \nIBM Tivoli Netcool/OMNIbus Integration - Transport Module Common Integration Library| [common-transportmodule-24_0](<https://www.ibm.com/support/pages/node/256461> \"common-transportmodule-24_0\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-03-20T10:48:48", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities have been identified in Netty shipped with IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library (CVE-2019-20445, CVE-2019-20444)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20444", "CVE-2019-20445"], "modified": "2020-03-20T10:48:48", "id": "34A4E9094B63E95B04667FF24314DB81C77972919C797EFDEBE3C15AA4A5A38A", "href": "https://www.ibm.com/support/pages/node/6113458", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-24T05:44:05", "description": "## Summary\n\nNetty is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVE. Note that the usage of Netty within IBM Operations Analytics Predictive Insights is limited to the REST Mediation utility. If you do not use that utility then you are not affected by this bulletin.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-20445](<https://vulners.com/cve/CVE-2019-20445>) \n** DESCRIPTION: **Netty could provide weaker than expected security, caused by non-proper handling of Content-Length and Transfer-Encoding in the HttpObjectDecoder.java. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175486](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175486>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-20444](<https://vulners.com/cve/CVE-2019-20444>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw in the HttpObjectDecoder.java. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175487](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175487>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Operations Analytics Predictive Insights| 1.3.6 \n \n\n\n## Remediation/Fixes\n\nApply 1.3.6 Interim Fix 2 or later \n[https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&amp;release=1.3.6](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Predictive+Insights&release=1.3.6>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-02-28T16:03:44", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in netty affect IBM Operations Analytics Predictive Insights (CVE-2019-20445, CVE-2019-20444)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20444", "CVE-2019-20445"], "modified": "2020-02-28T16:03:44", "id": "6CFEA65AF68FE49C29265727A9FD2E01141DBC6B1625D7E5D920D91E7FA200ED", "href": "https://www.ibm.com/support/pages/node/5225085", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-27T21:55:29", "description": "## Summary\n\nNetty is used by IBM Spectrum Scale Transparent Cloud Tiering. IBM Spectrum Scale Transparent Cloud Tiering has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-20445](<https://vulners.com/cve/CVE-2019-20445>) \n** DESCRIPTION: **Netty could provide weaker than expected security, caused by non-proper handling of Content-Length and Transfer-Encoding in the HttpObjectDecoder.java. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175486](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175486>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-20444](<https://vulners.com/cve/CVE-2019-20444>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw in the HttpObjectDecoder.java. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175487](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175487>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \ngpfs.tct.server| 1.1.2 \ngpfs.tct.server| 1.1.6 \ngpfs.tct.server| 1.1.1 \ngpfs.tct.server| 1.1.5 \ngpfs.tct.server| 1.1.7 \ngpfs.tct.server| 1.1.3 \n \n\n\n## Remediation/Fixes\n\nFor Transparent Cloud Tiering 1.1.1.0 thru 1.1.7.4, apply Transparent Cloud Tiering 1.1.8.0 bundled with IBM Spectrum Scale V5.0.5.0 available from Fix Central at: \n\n[https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&amp;product=ibm/StorageSoftware/IBM+Spectrum+Scale&amp;release=5.0.5&amp;platform=All&amp;function=all](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&product=ibm/StorageSoftware/IBM+Spectrum+Scale&release=5.0.5&platform=All&function=all>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-05-26T15:17:05", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in netty affect IBM Spectrum Scale Transparent Cloud Tiering (CVE-2019-20445, CVE-2019-20444)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20444", "CVE-2019-20445"], "modified": "2020-05-26T15:17:05", "id": "6DF9AFE7279E82CAE8ADD0F98C4AD5550237D2F9C298E1A2E25298339AD86616", "href": "https://www.ibm.com/support/pages/node/6216874", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-06-07T21:58:32", "description": "## Summary\n\nIBM WebSphere Application Server Liberty is vulnerable to Apache CXF cross-site scripting and denial of service . These vulnerabilities affect IBM Spectrum Control.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-17573](<https://vulners.com/cve/CVE-2019-17573>) \n** DESCRIPTION: **Apache CXF is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the services listing page. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/174689](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174689>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-12406](<https://vulners.com/cve/CVE-2019-12406>) \n** DESCRIPTION: **Apache CXF is vulnerable to a denial of service, caused by the failure to restrict the number of message attachments present in a given message. By sending a specially-crafted message containing an overly large number of message attachments, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/170974](<https://exchange.xforce.ibmcloud.com/vulnerabilities/170974>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Control| 5.3.0 - 5.3.6 \n \n\n\n## Remediation/Fixes\n\nThe solution is to apply an appropriate IBM Spectrum Control fix. Click on the download link and follow the Installation Instructions. The solution should be implemented as soon as practicable. \n\n** Release**| **First Fixing** \n**VRM Level**| ** Link to Fix** \n---|---|--- \n5.3| 5.3.7| <http://www.ibm.com/support/docview.wss?uid=swg21320822#53_0> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-03-23T22:07:22", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in IBM WebSphere Application Server Liberty affect BM Spectrum Control (CVE-2019-17573, CVE-2019-12406)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12406", "CVE-2019-17573"], "modified": "2022-03-23T22:07:22", "id": "788251FD7397EDDA8B4E4DF8AACBE1D142303877A23213E980EDE042998B46CF", "href": "https://www.ibm.com/support/pages/node/6212155", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-27T21:52:29", "description": "## Summary\n\nThere are multiple vulnerabilities that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management (ELM), IBM Engineering Requirements Management DOORS Next (DOORS Next), IBM Engineering Lifecycle Optimization - Engineering Insights (ENI), IBM Engineering Workflow Management (EWM), IBM Engineering Systems Design Rhapsody - Design Manager (RDM), IBM Engineering Systems Design Rhapsody - Model Manager (RMM).\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-4410](<https://vulners.com/cve/CVE-2020-4410>) \n** DESCRIPTION: **IBM Engineering Test Management could allow an authenticated user to send a specially crafted HTTP GET request to read attachments on the server that they should not have access to. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179539](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179539>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-4542](<https://vulners.com/cve/CVE-2020-4542>) \n** DESCRIPTION: **IBM Engineering Requirements Management DOORS Next Generation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183046](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183046>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-4525](<https://vulners.com/cve/CVE-2020-4525>) \n** DESCRIPTION: **IBM Engineering Workflow Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182435](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182435>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11620](<https://vulners.com/cve/CVE-2020-11620>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.jelly.impl.Embedded (aka commons-jelly). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179431](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179431>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11619](<https://vulners.com/cve/CVE-2020-11619>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179430](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179430>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11113](<https://vulners.com/cve/CVE-2020-11113>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11112](<https://vulners.com/cve/CVE-2020-11112>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178902](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178902>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11111](<https://vulners.com/cve/CVE-2020-11111>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10969](<https://vulners.com/cve/CVE-2020-10969>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in javax.swing.JEditorPane. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178546](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178546>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10968](<https://vulners.com/cve/CVE-2020-10968>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178544](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178544>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10673](<https://vulners.com/cve/CVE-2020-10673>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.caucho.config.types.ResourceRef (aka caucho-quercus). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178107](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178107>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10672](<https://vulners.com/cve/CVE-2020-10672>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-14893](<https://vulners.com/cve/CVE-2019-14893>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization when using the xalan JNDI gadget. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177108](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177108>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-14892](<https://vulners.com/cve/CVE-2019-14892>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization when using commons-configuration 1 and 2 JNDI classes. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177106](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177106>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9547](<https://vulners.com/cve/CVE-2020-9547>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177103](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177103>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9546](<https://vulners.com/cve/CVE-2020-9546>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177102](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177102>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-8840](<https://vulners.com/cve/CVE-2020-8840>) \n** DESCRIPTION: **Multiple Huawei products could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of data without proper validation. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/185699](<https://exchange.xforce.ibmcloud.com/vulnerabilities/185699>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-20330](<https://vulners.com/cve/CVE-2019-20330>) \n** DESCRIPTION: **A lacking of certain net.sf.ehcache blocking in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173897](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173897>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-17531](<https://vulners.com/cve/CVE-2019-17531>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a polymorphic typing issue when Default Typing is enabled. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169073](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169073>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-17267](<https://vulners.com/cve/CVE-2019-17267>) \n** DESCRIPTION: **FasterXML jackson-databind could provide weaker than expected security, caused by a polymorphic typing issue in the net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168514](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168514>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-16943](<https://vulners.com/cve/CVE-2019-16943>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a polymorphic typing issue in the p6spy class. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168255](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168255>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-16942](<https://vulners.com/cve/CVE-2019-16942>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a polymorphic typing issue in the commons-dbcp class. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168254](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168254>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-16335](<https://vulners.com/cve/CVE-2019-16335>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue in com.zaxxer.hikari.HikariDataSource. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167205](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167205>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-14540](<https://vulners.com/cve/CVE-2019-14540>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue in com.zaxxer.hikari.HikariConfig. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167354](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167354>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-14439](<https://vulners.com/cve/CVE-2019-14439>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue when Default Typing is enabled. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164744](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164744>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-14379](<https://vulners.com/cve/CVE-2019-14379>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the SubTypeValidator.java. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165286](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165286>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-12384](<https://vulners.com/cve/CVE-2019-12384>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the logback-core class from polymorphic deserialization. By sending a specially-crafted JSON message, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/162849](<https://exchange.xforce.ibmcloud.com/vulnerabilities/162849>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-12814](<https://vulners.com/cve/CVE-2019-12814>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue. By sending a specially-crafted JSON message, an attacker could exploit this vulnerability to read arbitrary local files on the server. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/162875](<https://exchange.xforce.ibmcloud.com/vulnerabilities/162875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2020-2785](<https://vulners.com/cve/CVE-2020-2785>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and low availability impact. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179685](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179685>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-2784](<https://vulners.com/cve/CVE-2020-2784>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and low availability impact. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179684](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179684>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-2787](<https://vulners.com/cve/CVE-2020-2787>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and low availability impact. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179687](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179687>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-2783](<https://vulners.com/cve/CVE-2020-2783>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179683](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179683>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-2786](<https://vulners.com/cve/CVE-2020-2786>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and low availability impact. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179686](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179686>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-4396](<https://vulners.com/cve/CVE-2020-4396>) \n** DESCRIPTION: **IBM Engineering Test Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179359](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179359>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nRQM| 6.0.6.1 \nRQM| 6.0.6 \nETM| 7.0.0 \nRQM| 6.0.2 \nEWM| 7.0 \nCLM| 6.0.6.1 \nCLM| 6.0.6 \nELM| 7.0 \nCLM| 6.0.2 \nRDNG| 6.0.2 \nRDNG| 6.0.6.1 \nRDNG| 6.0.6 \nDOORS Next| 7.0 \n \n\n\n## Remediation/Fixes\n\nFor the 6.0 - 7.0 releases:\n\nUpgrade to version 7.0 iFix003 or later\n\n * [IBM Engineering Lifecycle Management 7.0 iFix003](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Lifecycle+Management&release=7.0&platform=All&function=all> \"IBM Engineering Lifecycle Management 7.0 iFix003\" )\n * [IBM Engineering Requirements Management DOORS Next 7.0 iFix003](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Requirements+Management+DOORS+Next&release=7.0&platform=All&function=all> \"IBM Engineering Requirements Management DOORS Next 7.0 iFix003\" )\n * [IBM Engineering Test Management 7.0 iFix003](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Test+Management&release=7.0&platform=All&function=all> \"IBM Engineering Test Management 7.0 iFix003\" )\n * [IBM Engineering Workflow Management 7.0 iFix003](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Workflow+Management&release=7.0&platform=All&function=all> \"IBM Engineering Workflow Management 7.0 iFix003\" )\n * IBM Engineering Lifecycle Optimization - Engineering Insights:_ _Upgrade to version 7.0 and install server from [ELM 7.0 iFix003](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Lifecycle+Management&release=7.0&platform=All&function=all> \"ELM 7.0 iFix003\" )\n * IBM Engineering Systems Design Rhapsody - Design Manager:_ _Upgrade to version 7.0 and install server from [ELM 7.0 iFix003](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Lifecycle+Management&release=7.0&platform=All&function=all> \"ELM 7.0 iFix003\" )\n * IBM Engineering Systems Design Rhapsody - Model Manager:_ _Upgrade to version 7.0 and install server from [ELM 7.0 iFix003](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Lifecycle+Management&release=7.0&platform=All&function=all> \"ELM 7.0 iFix003\" )\n 1. Upgrade to version 6.0.6.1 iFix011 or later\n\n * [Rational Collaborative Lifecycle Management 6.0.6.1 iFix011](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6.1&platform=All&function=all>)\n * [Rational DOORS Next Generation 6.0.6.1 iFix011](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+DOORS+Next+Generation&release=6.0.6.1&platform=All&function=all>)\n * [Rational Quality Manager 6.0.6.1 iFix011](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Quality+Manager&release=6.0.6.1&platform=All&function=all>)\n * [Rational Team Concert 6.0.6.1 iFix011](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Team+Concert&release=6.0.6.1&platform=All&function=all>)\n * Rational Engineering Lifecycle Manager:_ _Upgrade to version 6.0.6.1 and install server from [CLM 6.0.6.1 iFix011](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6.1&platform=All&function=all>)\n * Rational Rhapsody Design Manager:_ _Upgrade to version 6.0.6.1 and install server from [CLM 6.0.6.1 iFix011](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6.1&platform=All&function=all>)\n * IBM Rhapsody Model Manager:_ _Upgrade to version 6.0.6.1 and install server from [CLM 6.0.6.1 iFix011](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6.1&platform=All&function=all>)\n * Rational Software Architect Design Manager:_ _Upgrade to version 6.0.6.1 and install server from [CLM 6.0.6.1 iFix011](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6.1&platform=All&function=all>)\n\nUpgrade to version 6.0.6 iFix017 or later \n\n * [Rational Collaborative Lifecycle Management 6.0.6 iFix017](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6&platform=All&function=all>)\n * [Rational DOORS Next Generation 6.0.6 iFix017](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+DOORS+Next+Generation&release=6.0.6&platform=All&function=all>)\n * [Rational Quality Manager 6.0.6 iFix017](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Quality+Manager&release=6.0.6&platform=All&function=all>)\n * [Rational Team Concert 6.0.6 iFix017](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Team+Concert&release=6.0.6&platform=All&function=all>)\n * Rational Engineering Lifecycle Manager:_ _Upgrade to version 6.0.6 and install server from [CLM 6.0.6 iFix017](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6&platform=All&function=all>)\n * Rational Rhapsody Design Manager:_ _Upgrade to version 6.0.6 and install server from [CLM 6.0.6 iFix017](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6&platform=All&function=all>)\n * IBM Rhapsody Model Manager:_ _Upgrade to version 6.0.6 and install server from [CLM 6.0.6 iFix017](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6&platform=All&function=all>)\n * Rational Software Architect Design Manager:_ _Upgrade to version 6.0.6 and install server from [CLM 6.0.6 iFix017](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6&platform=All&function=all>)\n\nUpgrade to version 6.0.2 iFix025 or later\n\n * [Rational Collaborative Lifecycle Management 6.0.2 iFix025](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.2&platform=All&function=all>)\n * [Rational Team Concert 6.0.2 iFix025](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Team+Concert&release=6.0.2&platform=All&function=all>)\n * [Rational Quality Manager 6.0.2 iFix025](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Quality+Manager&release=6.0.2&platform=All&function=all>)\n * [Rational DOORS Next Generation 6.0.2 iFix025](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+DOORS+Next+Generation&release=6.0.2&platform=All&function=all>)\n * Rational Software Architect Design Manager:_ _Upgrade to version 6.0.2 and install server from [CLM 6.0.2 iFix025](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.2&platform=All&function=all>)\n * Rational Rhapsody Design Manager:_ _Upgrade to version 6.0.2 and install server from [CLM 6.0.2 iFix025](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.2&platform=All&function=all>)\n * Rational Engineering Lifecycle Manager:_ _Upgrade to version 6.0.2 and install server from [CLM 6.0.2 iFix025](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.2&platform=All&function=all>)\n\n \nFor any prior versions of the products listed above, IBM recommends upgrading to a fixed, supported version/release/platform of the product. \n \nIf the iFix is not found in the Fix Portal please contact IBM Support.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-08-03T22:41:05", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities affects IBM Jazz Foundation and IBM Engineering products.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12384", "CVE-2019-12814", "CVE-2019-14379", "CVE-2019-14439", "CVE-2019-14540", "CVE-2019-14892", "CVE-2019-14893", "CVE-2019-16335", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17267", "CVE-2019-17531", "CVE-2019-20330", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-2783", "CVE-2020-2784", "CVE-2020-2785", "CVE-2020-2786", "CVE-2020-2787", "CVE-2020-4396", "CVE-2020-4410", "CVE-2020-4525", "CVE-2020-4542", "CVE-2020-8840", "CVE-2020-9546", "CVE-2020-9547"], "modified": "2020-08-03T22:41:05", "id": "CCFD0AA6FE0B04D655CB682E840C88D56CFE6066B6B9B349560AFB2C6DFBCB00", "href": "https://www.ibm.com/support/pages/node/6255694", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T17:44:53", "description": "## Summary\n\nIBM Sterilng B2B Integrator has addressed multiple security vulnerabilities in IBM WebSphere Application Server \n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-4720](<https://vulners.com/cve/CVE-2019-4720>) \n**DESCRIPTION: **IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available memory. IBM X-Force ID: 172125. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172125](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172125>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Settings Flood attack. By sending a stream of SETTINGS frames to the peer, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Empty Frame Flooding attack. By sending a stream of frames with an empty payload and without the end-of-stream flag, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9517](<https://vulners.com/cve/CVE-2019-9517>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by an Internal Data Buffering attack. By opening the HTTP/2 window so the peer can send without constraint and sending a stream of requests for a large response object, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165183](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165183>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Ping Flood attack. By sending continual pings to an HTTP/2 peer, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Reset Flood attack. By opening a number of streams and sending an invalid request over each stream, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9513](<https://vulners.com/cve/CVE-2019-9513>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Resource Loop attack. By creating multiple request streams and continually shuffling the priority of the streams, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM Sterling B2B Integrator | 5.2.6.1 - 5.2.6.5_1 \nIBM Sterling B2B Integrator | 6.0.0.0 - 6.0.3.1 \n \n## Remediation/Fixes\n\n** Product &amp; Version** | ** Remediation &amp; Fix** \n---|--- \n5.2.6.1 - 5.2.6.5_1 | Apply IBM Sterling B2B Integrator version 5.2.6.5_2 or 6.0.3.2 on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n6.0.0.0 - 6.0.3.1 | Apply IBM Sterling B2B Integrator version 6.0.3.2 on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-07-24T17:07:55", "type": "ibm", "title": "Security Bulletin: Multiple Security Vulnerabilities in IBM WebSphere Application Server Affect IBM Sterling B2B Integrator", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-4720", "CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2020-07-24T17:07:55", "id": "7F8E6554F6DA398AA724606DE234AF7EF09A532D4299A3D1BE71DF4204B3FCF6", "href": "https://www.ibm.com/support/pages/node/6208037", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-05-11T15:25:15", "description": "## Summary\n\nThere are vulnerabilities in IBM WebSphere Application Server bundled with IBM Jazz Team Server based Applications that affect the following products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM) and IBM Rhapsody Model Manager.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n**DESCRIPTION:** Multiple vendors are vulnerable to a denial of service, caused by a Empty Frame Flooding attack. By sending a stream of frames with an empty payload and without the end-of-stream flag, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/164904> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2019-9517](<https://vulners.com/cve/CVE-2019-9517>) \n**DESCRIPTION:** Multiple vendors are vulnerable to a denial of service, caused by an Internal Data Buffering attack. By opening the HTTP/2 window so the peer can send without constraint and sending a stream of requests for a large response object, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/165183> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n**DESCRIPTION:** Multiple vendors are vulnerable to a denial of service, caused by a Settings Flood attack. By sending a stream of SETTINGS frames to the peer, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/165181> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n**DESCRIPTION:** Multiple vendors are vulnerable to a denial of service, caused by a Reset Flood attack. By opening a number of streams and sending an invalid request over each stream, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/164640> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2019-9513](<https://vulners.com/cve/CVE-2019-9513>) \n**DESCRIPTION:** Multiple vendors are vulnerable to a denial of service, caused by a Resource Loop attack. By creating multiple request streams and continually shuffling the priority of the streams, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/164639> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n**DESCRIPTION:** Multiple vendors are vulnerable to a denial of service, caused by a Ping Flood attack. By sending continual pings to an HTTP/2 peer, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/164903> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2019-4505](<https://vulners.com/cve/CVE-2019-4505>) \n**DESCRIPTION:** IBM WebSphere Application Server Network Deployment could allow a remote attacker to obtain sensitive information, caused by sending a specially-crafted URL. This can lead the attacker to view any file in a certain directory. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/164364> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nRational Collaborative Lifecycle Management 6.0 - 6.0.6.1 \nRational Quality Manager 6.0 - 6.0.6.1 \nRational Team Concert 6.0 - 6.0.6.1 \nRational DOORS Next Generation 6.0 - 6.0.6.1 \nRational Engineering Lifecycle Manager 6.0 - 6.0.6.1 \nRational Rhapsody Design Manager 6.0 - 6.0.6.1\n\nIBM Rhapsody Model Manager 6.0.5 - 6.0.6.1\n\n## Remediation/Fixes\n\nThe IBM Jazz Team Server based Applications bundle different versions of IBM WebSphere Application Server with the available versions of the products, and in addition to the bundled version some previous versions of WAS are also supported. Information about a security vulnerability affecting WAS has been published.\n\nFor CLM applications version 6.0 to 6.0.6.1 review the Security Bulletin below to determine if your WAS version is affected and the required remediation:\n\n[Security Bulletin: Information disclosure in WebSphere Application Server ND (CVE-2019-4505)](<https://www.ibm.com/support/pages/node/964766>) \n[Security Bulletin: Multiple vulnerabilities in HTTP/2 implementation used by WebSphere Application Server Liberty](<https://www.ibm.com/support/pages/node/1072860>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-04-28T18:35:50", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in WebSphere Application Server affect IBM Rational products based on IBM Jazz technology", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-4505", "CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2021-04-28T18:35:50", "id": "764590A4B9E47D7E86F4E1AD3CAA72AF8E48B738F1667323140B928C6A564E13", "href": "https://www.ibm.com/support/pages/node/1104951", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-07T22:04:40", "description": "## Summary\n\nIBM Sterling B2B Integrator has addressed the security vulnerabilities.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-20445](<https://vulners.com/cve/CVE-2019-20445>) \n** DESCRIPTION: **Netty could provide weaker than expected security, caused by non-proper handling of Content-Length and Transfer-Encoding in the HttpObjectDecoder.java. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175486](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175486>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-20444](<https://vulners.com/cve/CVE-2019-20444>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw in the HttpObjectDecoder.java. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175487](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175487>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-16869](<https://vulners.com/cve/CVE-2019-16869>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw when handling unusual whitespaces before the colon in HTTP headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167672](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167672>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-21295](<https://vulners.com/cve/CVE-2021-21295>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by improper validation of Content-Length header by the Http2MultiplexHandler. By sending specially crafted HTTP request headers, an attacker could exploit this vulnerability to poison a web-cache, perform an XSS attack, or obtain sensitive information from request. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197999](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197999>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-21290](<https://vulners.com/cve/CVE-2021-21290>) \n** DESCRIPTION: **Netty could allow a local authenticated attacker to obtain sensitive information, caused by an insecure temp file in Unix-like systems. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197110](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197110>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| APAR(s)| Version(s) \n---|---|--- \nIBM Sterling B2B Integrator| IT37914| 6.0.1.0 - 6.0.3.4 \nIBM Sterling B2B Integrator| IT37914| 6.1.0.0 - 6.1.0.3 \n \n\n\n## Remediation/Fixes\n\nProduct &amp; Version| Remediation &amp; Fix \n---|--- \n6.0.1.0 - 6.0.3.4| Apply IBM Sterling B2B Integrator version 6.0.3.5 or 6.1.1.0 on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n6.1.0.0 - 6.1.0.3| Apply IBM Sterling B2B Integrator version 6.1.1.0 on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-10-05T21:05:46", "type": "ibm", "title": "Security Bulletin: Netty Vulnerabilities Affect the B2B API of IBM Sterling B2B Integrator", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16869", "CVE-2019-20444", "CVE-2019-20445", "CVE-2021-21290", "CVE-2021-21295"], "modified": "2021-10-05T21:05:46", "id": "91276D3C2731F3DA4DD452E951C9FDEE291112FDC8F824C89A17FB705CD2BB08", "href": "https://www.ibm.com/support/pages/node/6495959", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-27T21:55:39", "description": "## Summary\n\nMultiple vulnerabilities in WebSphere Application Server Liberty that is used by IBM InfoSphere Information Server were addressed. \n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-9515](<https://vulners.com/cve/CVE-2019-9515>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Settings Flood attack. By sending a stream of SETTINGS frames to the peer, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9518](<https://vulners.com/cve/CVE-2019-9518>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Empty Frame Flooding attack. By sending a stream of frames with an empty payload and without the end-of-stream flag, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164904](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164904>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9517](<https://vulners.com/cve/CVE-2019-9517>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by an Internal Data Buffering attack. By opening the HTTP/2 window so the peer can send without constraint and sending a stream of requests for a large response object, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165183](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165183>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Ping Flood attack. By sending continual pings to an HTTP/2 peer, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Reset Flood attack. By opening a number of streams and sending an invalid request over each stream, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-9513](<https://vulners.com/cve/CVE-2019-9513>) \n**DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a Resource Loop attack. By creating multiple request streams and continually shuffling the priority of the streams, a remote attacker could consume excessive CPU resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-4720](<https://vulners.com/cve/CVE-2019-4720>) \n**DESCRIPTION: **IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available memory. IBM X-Force ID: 172125. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172125](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172125>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-12406](<https://vulners.com/cve/CVE-2019-12406>) \n**DESCRIPTION: **Apache CXF is vulnerable to a denial of service, caused by the failure to restrict the number of message attachments present in a given message. By sending a specially-crafted message containing an overly large number of message attachments, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/170974](<https://exchange.xforce.ibmcloud.com/vulnerabilities/170974>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2019-4663](<https://vulners.com/cve/CVE-2019-4663>) \n**DESCRIPTION: **IBM WebSphere Application Server - Liberty is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 171245. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171245](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171245>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2019-17495](<https://vulners.com/cve/CVE-2019-17495>) \n**DESCRIPTION: **Swagger UI could allow a remote attacker to obtain sensitive information, caused by a CSS injection flaw. By using the relative path overwrite (RPO) attack technique, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169050](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169050>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nInfoSphere Information Server, Information Server on Cloud | 11.7 \n \n## Remediation/Fixes\n\n_Product_\n\n| \n\n_VRMF_\n\n| \n\n_APAR_\n\n| \n\n_Remediation/First Fix_ \n \n---|---|---|--- \n \nInfoSphere Information Server, Information Server on Cloud\n\n| \n\n11.7\n\n| \n\n[JR61915](<http://www.ibm.com/support/docview.wss?uid=swg1JR61915> \"JR61915\" )\n\n| \n\n\\--Apply IBM InfoSphere Information Server version [11.7.1.0](<https://www.ibm.com/support/docview.wss?uid=ibm10878310> \"11.7.1.0\" ) \n\\--Apply IBM InfoSphere Information Server [11.7.1 Fix Pack 1](<https://www.ibm.com/support/pages/node/6209196> \"11.7.1.1\" ) \n \n \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-05-18T20:22:25", "type": "ibm", "title": "Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in WebSphere Application Server Liberty", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12406", "CVE-2019-17495", "CVE-2019-4663", "CVE-2019-4720", "CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2020-05-18T20:22:25", "id": "574FC031AF9B64FDFC8B0BF65E22355456EDFA4CF1ECE74E592CA6972407F30F", "href": "https://www.ibm.com/support/pages/node/6207100", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-07T22:02:21", "description": "## Summary\n\nIBM Cloud Pak for Multicloud Management Monitoring has patched several open source dependencies that were inadvertently missed during previous scans.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-21409](<https://vulners.com/cve/CVE-2021-21409>) \n** DESCRIPTION: **Netty is vulnerable to request smuggling, caused by improper validation of request, caused by missing validation of content-length. By sending specially-crafted request, an attacker could exploit this vulnerability to poison a web-cache, perform an XSS attack, or obtain sensitive information from request. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199150](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199150>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-25649](<https://vulners.com/cve/CVE-2020-25649>) \n** DESCRIPTION: **FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2019-10202](<https://vulners.com/cve/CVE-2019-10202>) \n** DESCRIPTION: **Red Hat JBoss Enterprise Application Platform (EAP) could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization in Codehaus. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168251](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168251>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-17267](<https://vulners.com/cve/CVE-2019-17267>) \n** DESCRIPTION: **FasterXML jackson-databind could provide weaker than expected security, caused by a polymorphic typing issue in the net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168514](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168514>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-14893](<https://vulners.com/cve/CVE-2019-14893>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization when using the xalan JNDI gadget. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177108](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177108>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-14540](<https://vulners.com/cve/CVE-2019-14540>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue in com.zaxxer.hikari.HikariConfig. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167354](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167354>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-11307](<https://vulners.com/cve/CVE-2018-11307>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by an issue when untrusted content is deserialized with default typing enabled. By sending specially-crafted content over FTP, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/163528](<https://exchange.xforce.ibmcloud.com/vulnerabilities/163528>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-7489](<https://vulners.com/cve/CVE-2018-7489>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization flaw in the readValue method of the ObjectMapper. By sending specially crafted JSON input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/139549](<https://exchange.xforce.ibmcloud.com/vulnerabilities/139549>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2017-17485](<https://vulners.com/cve/CVE-2017-17485>) \n** DESCRIPTION: **Jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the default-typing feature. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/137340](<https://exchange.xforce.ibmcloud.com/vulnerabilities/137340>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-20330](<https://vulners.com/cve/CVE-2019-20330>) \n** DESCRIPTION: **A lacking of certain net.sf.ehcache blocking in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173897](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173897>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-8840](<https://vulners.com/cve/CVE-2020-8840>) \n** DESCRIPTION: **Multiple Huawei products could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of data without proper validation. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/185699](<https://exchange.xforce.ibmcloud.com/vulnerabilities/185699>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-20190](<https://vulners.com/cve/CVE-2021-20190>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to a class(es) of JDK Swing. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195243](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195243>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-19360](<https://vulners.com/cve/CVE-2018-19360>) \n** DESCRIPTION: **An unspecified error with failure to block the axis2-transport-jms class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155091](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155091>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-10172](<https://vulners.com/cve/CVE-2019-10172>) \n** DESCRIPTION: **Jackson-mapper-asl could allow a remote attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data. By sending a specially-crafted XML data, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172436](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172436>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2020-9548](<https://vulners.com/cve/CVE-2020-9548>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9546](<https://vulners.com/cve/CVE-2020-9546>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177102](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177102>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9547](<https://vulners.com/cve/CVE-2020-9547>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177103](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177103>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14195](<https://vulners.com/cve/CVE-2020-14195>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in rg.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183495](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183495>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10673](<https://vulners.com/cve/CVE-2020-10673>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.caucho.config.types.ResourceRef (aka caucho-quercus). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178107](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178107>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14062](<https://vulners.com/cve/CVE-2020-14062>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183425](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183425>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-24750](<https://vulners.com/cve/CVE-2020-24750>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188470](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188470>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-24616](<https://vulners.com/cve/CVE-2020-24616>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/187229](<https://exchange.xforce.ibmcloud.com/vulnerabilities/187229>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36181](<https://vulners.com/cve/CVE-2020-36181>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194376](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194376>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36182](<https://vulners.com/cve/CVE-2020-36182>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194377](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194377>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11620](<https://vulners.com/cve/CVE-2020-11620>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.jelly.impl.Embedded (aka commons-jelly). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179431](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179431>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36186](<https://vulners.com/cve/CVE-2020-36186>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194381](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194381>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-17531](<https://vulners.com/cve/CVE-2019-17531>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a polymorphic typing issue when Default Typing is enabled. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169073](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169073>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36187](<https://vulners.com/cve/CVE-2020-36187>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194382](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194382>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36179](<https://vulners.com/cve/CVE-2020-36179>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194374](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194374>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14060](<https://vulners.com/cve/CVE-2020-14060>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183422](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183422>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36183](<https://vulners.com/cve/CVE-2020-36183>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194378](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194378>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36188](<https://vulners.com/cve/CVE-2020-36188>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194383](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194383>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36185](<https://vulners.com/cve/CVE-2020-36185>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194380](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194380>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10969](<https://vulners.com/cve/CVE-2020-10969>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in javax.swing.JEditorPane. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178546](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178546>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11113](<https://vulners.com/cve/CVE-2020-11113>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11112](<https://vulners.com/cve/CVE-2020-11112>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178902](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178902>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11111](<https://vulners.com/cve/CVE-2020-11111>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14061](<https://vulners.com/cve/CVE-2020-14061>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183424](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183424>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36180](<https://vulners.com/cve/CVE-2020-36180>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194375](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194375>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36189](<https://vulners.com/cve/CVE-2020-36189>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194384](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194384>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36184](<https://vulners.com/cve/CVE-2020-36184>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194379](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194379>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10672](<https://vulners.com/cve/CVE-2020-10672>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Pak for Multicloud Management Monitoring| before 2.3 Fix Pack 2 \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Cloud Pak for Multicloud Management 2.3 Fix Pack 2 by following the instructions in <https://www.ibm.com/docs/en/cloud-paks/cp-management/2.3.x?topic=upgrade-upgrading-fix-pack-2>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-18T15:42:03", "type": "ibm", "title": "Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring has patched several open source dependencies", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 8.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 8.5, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17485", "CVE-2018-11307", "CVE-2018-19360", "CVE-2018-7489", "CVE-2019-10172", "CVE-2019-10202", "CVE-2019-14540", "CVE-2019-14893", "CVE-2019-17267", "CVE-2019-17531", "CVE-2019-20330", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11620", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14195", "CVE-2020-24616", "CVE-2020-24750", "CVE-2020-25649", "CVE-2020-36179", "CVE-2020-36180", "CVE-2020-36181", "CVE-2020-36182", "CVE-2020-36183", "CVE-2020-36184", "CVE-2020-36185", "CVE-2020-36186", "CVE-2020-36187", "CVE-2020-36188", "CVE-2020-36189", "CVE-2020-8840", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548", "CVE-2021-20190", "CVE-2021-21409"], "modified": "2021-12-18T15:42:03", "id": "16BD53FF8D4AF4008A6B9480C8D62C5AECEF46E4F486EC150D2D9BBC2C7349FC", "href": "https://www.ibm.com/support/pages/node/6528214", "cvss": {"score": 8.3, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2023-02-23T21:44:09", "description": "## Summary\n\nIBM Cloud Kubernetes Service is affected by security vulnerabilities in the net/http library of the Go language that affects all Kubernetes components. These vulnerabilities can result in a denial-of-service attack against a process with an HTTP or HTTPS listener (CVE-2019-9512 and CVE-2019-9514).\n\n## Vulnerability Details\n\nCVE-ID: [CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \nDescription: Multiple vendors are vulnerable to a denial of service, caused by a Ping Flood attack. By sending continual pings to an HTTP/2 peer, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/164903> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\nCVE-ID: [CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \nDescription: Multiple vendors are vulnerable to a denial of service, caused by a Reset Flood attack. By opening a number of streams and sending an invalid request over each stream, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/164640> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nIBM Cloud Kubernetes Service 1.15.0-1.15.2 \nIBM Cloud Kubernetes Service 1.14.0-1.14.5 \nIBM Cloud Kubernetes Service 1.13.0-1.13.9 \nIBM Cloud Kubernetes Service 1.5-1.12\n\n## Remediation/Fixes\n\nUpdates for IBM Cloud Kubernetes Service clusters at versions 1.13 and later are available that fix these vulnerabilities. IBM Cloud Kubernetes Service will attempt to automatically update your cluster master. However, in some situations, the update may not complete. In addition, you must update cluster worker nodes created before the fix was available to address these vulnerabilities.\n\nTo verify your clusters are no longer exposed, use the following IBM Cloud CLI commands to confirm the currently running versions:\n\n`ibmcloud ks clusters` \n`ibmcloud ks workers --cluster <cluster name or ID>`\n\nIf your cluster versions are at one of the following levels or later, your clusters are no longer exposed to these vulnerabilities:\n\n[1.13.10](<https://cloud.ibm.com/docs/containers?topic=containers-changelog#11310_1534>) \n[1.14.6](<https://cloud.ibm.com/docs/containers?topic=containers-changelog#1146_1531>) \n[1.15.3](<https://cloud.ibm.com/docs/containers?topic=containers-changelog#1153_1515>)\n\nIf one or more of your clusters is at version 1.13, 1.14 or 1.15 and has not had its master automatically updated then use the following IBM Cloud CLI command to complete the cluster master update, replacing \"1.##\" with the target version.\n\n`ibmcloud ks cluster-update --cluster <cluster name or ID> --kube-version 1.##`\n\nOnce your clusters have completed their master updates, see [Updating worker nodes](<https://cloud.ibm.com/docs/containers?topic=containers-update>) for details on updating worker nodes still exposed to these vulnerabilities.\n\nCustomers running IBM Cloud Kubernetes Service clusters at versions 1.11 or 1.12 must [upgrade](<https://cloud.ibm.com/docs/containers?topic=containers-update#update>) their affected clusters to version 1.13. Customers running IBM Cloud Kubernetes Service clusters at version 1.10 must upgrade first to version 1.12 and then to version 1.13. Please review the [documentation](<https://cloud.ibm.com/docs/containers?topic=containers-update#update>) before starting an upgrade since additional actions may be required.\n\nIf you are running IBM Cloud Kubernetes Service clusters at version 1.5, 1.7, 1.8 or 1.9, there is no migration path.\n\nNote: IBM Cloud Kubernetes Service versions 1.5, 1.7, 1.8, 1.9, 1.10 and 1.11 are no longer supported, and version 1.12 is deprecated. See the IBM Cloud Kubernetes Service [Version information and update actions documentation](<https://cloud.ibm.com/docs/containers?topic=containers-cs_versions#cs_versions>) for more information about Kubernetes versions and version support policies.\n\n## Monitor IBM Cloud Status for Future Security Bulletins\n\nMonitor the [security notifications](<https://cloud.ibm.com/status?selected=security>) on the IBM Cloud Status page to be advised of future security bulletins.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n[Kubernetes Security Announcement](<https://groups.google.com/forum/#!topic/kubernetes-security-announce/wlHLHit1BqA>)\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nReview the [IBM security bulletin disclaimer and definitions](<https://www.ibm.com/support/pages/node/6610583#disclaimer>) regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSJTBP\",\"label\":\"IBM Cloud Kubernetes Service\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB21\",\"label\":\"Public Cloud Platform\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-04T10:55:08", "type": "ibm", "title": "Security Bulletin: IBM Cloud Kubernetes Service is affected by Kubernetes security vulnerabilities (CVE-2019-9512, CVE-2019-9514)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2019-09-04T10:55:08", "id": "68A2A52B486DE856D9D7DEBE2A73EF9375AF2AD3DE794F39D2969903EBA03921", "href": "https://www.ibm.com/support/pages/node/1072380", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-24T01:39:34", "description": "## Summary\n\nMultiple vulnerabilities were found in the Golang package that is used by IBM MQ Certified Container.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n**DESCRIPTION: **Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n**DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM MQ Certified Container | 4.x.x CD \n \n## Remediation/Fixes\n\n**IBM MQ Certified Container**\n\n[Upgrade to version 4.1.2](<https://www-945.ibm.com/support/fixcentral/swg/downloadFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/WebSphere+MQ&release=9.1.3&platform=Linux+64-bit,x86_64&function=fixId&fixids=IBM-MQ-Adv-container-4.1.2&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"Upgrade to version 4.1.2\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-19T15:33:23", "type": "ibm", "title": "Security Bulletin: IBM MQ Certified Container is vulnerable to multiple vulnerabilities in Golang (CVE-2019-9512, CVE-2019-9514)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2019-12-19T15:33:23", "id": "BDA1FEB928FD97925389C0FEA25449D97B8CDA5FCBA7D104AC84AA1F890A9E36", "href": "https://www.ibm.com/support/pages/node/1128279", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-24T01:38:55", "description": "## Summary\n\nVulnerability CVE-2019-9512, CVE-2019-9514 in nginx\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n**DESCRIPTION: **Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n \n**CVEID: **[CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n**DESCRIPTION: **Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM PowerAI Vision | 1.1.3 \nIBM PowerAI Vision | 1.1.4 \n \n## Remediation/Fixes\n\nnginx has been upgraded in PowerAI Vision 1.1.5 to a level that addresses this vulnerability.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-01-08T04:40:42", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in nginx shipped with PowerAI Vision", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2020-01-08T04:40:42", "id": "E82785235072F5EF5FCC205CE14F01F22FB4483D23ECF18B1C4AED471927B7FC", "href": "https://www.ibm.com/support/pages/node/1168528", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-23T21:42:03", "description": "## Summary\n\nSecurity Vulnerabilities affect IBM Cloud Private - Go\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2019-9514](<https://vulners.com/cve/CVE-2019-9514>) \n**DESCRIPTION:** Multiple vendors are vulnerable to a denial of service, caused by a Reset Flood attack. By opening a number of streams and sending an invalid request over each stream, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/164640> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2019-9512](<https://vulners.com/cve/CVE-2019-9512>) \n**DESCRIPTION:** Multiple vendors are vulnerable to a denial of service, caused by a Ping Flood attack. By sending continual pings to an HTTP/2 peer, a remote attacker could consume excessive CPU resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/164903> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nIBM Cloud Private 3.1.0, 3.1.1, 3.1.2, 3.2.0\n\n## Remediation/Fixes\n\nProduct defect fixes and security updates are only available for the two most recent Continuous Delivery (CD) update packages\n\n * IBM Cloud Private 3.2.1\n * IBM Cloud Private 3.2.0\n\nFor IBM Cloud Private 3.2.0, apply October fix pack:\n\n * [IBM Cloud Private 3.2.0.1910 fix pack](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FWebSphere%2FIBM+Cloud+Private&fixids=icp-3.2.0.1910-build534861-31972&source=myna&myns=swgother&mynp=OCSSBS6K&mync=E&cm_sp=swgother-_-OCSSBS6K-_-E&function=fixId&parent=ibm/WebSphere>)\n\nFor IBM Cloud Private 3.2.1, apply October fix pack:\n\n * [IBM Cloud Private 3.2.1.1910 fix pack](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FWebSphere%2FIBM+Cloud+Private&fixids=icp-3.2.1.1910-build534863-31973&source=myna&myns=swgother&mynp=OCSSBS6K&mync=E&cm_sp=swgother-_-OCSSBS6K-_-E&function=fixId&parent=ibm/WebSphere>)\n\nFor IBM Cloud Private 3.1.0, 3.1.1, 3.1.2: \n\n * Upgrade to the latest Continuous Delivery (CD) update package, IBM Cloud Private 3.2.1. \n * If required, individual product fixes can be made available between CD update packages for resolution of problems. Contact IBM support for assistance\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-11-23T15:51:35", "type": "ibm", "title": "Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - Go (CVE-2019-9512, CVE-2019-9514)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2019-11-23T15:51:35", "id": "938B27E41A5FB45C2E428DDD55ACB1346901CC6F33F5B67B4257EF415A10F64E", "href": "https://www.ibm.com/support/pages/node/1074732", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "openvas": [{"lastseen": "2020-04-21T15:19:31", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-18T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for jackson-databind (DLA-2179-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11112", "CVE-2020-11620", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11111", "CVE-2020-10968", "CVE-2020-10969"], "modified": "2020-04-18T00:00:00", "id": "OPENVAS:1361412562310892179", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892179", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from the referenced\n# advisories, and are Copyright (C) by the respective right holder(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892179\");\n script_version(\"2020-04-18T03:00:13+0000\");\n script_cve_id(\"CVE-2020-10968\", \"CVE-2020-10969\", \"CVE-2020-11111\", \"CVE-2020-11112\", \"CVE-2020-11113\", \"CVE-2020-11619\", \"CVE-2020-11620\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-18 03:00:13 +0000 (Sat, 18 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-18 03:00:13 +0000 (Sat, 18 Apr 2020)\");\n script_name(\"Debian LTS: Security Advisory for jackson-databind (DLA-2179-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2179-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-databind'\n package(s) announced via the DLA-2179-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Following CVEs were reported against the jackson-databind source package\n:\n\nCVE-2020-10968\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related\nto org.aoju.bus.proxy.provider.remoting.RmiProvider\n(aka bus-proxy).\n\nCVE-2020-10969\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related\nto javax.swing.JEditorPane.\n\nCVE-2020-11111\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related\nto org.apache.activemq.* (aka activemq-jms, activemq-core,\nactivemq-pool, and activemq-pool-jms).\n\nCVE-2020-11112\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related\nto org.apache.commons.proxy.provider.remoting.RmiProvider\n(aka apache/commons-proxy).\n\nCVE-2020-11113\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related\nto org.apache.openjpa.ee.WASRegistryManagedRuntime\n(aka openjpa).\n\nCVE-2020-11619\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related\nto org.springframework.aop.config.MethodLocatingFactoryBean\n(aka spring-aop).\n\nCVE-2020-11620\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related\nto org.apache.commons.jelly.impl.Embedded (aka commons-jelly).\");\n\n script_tag(name:\"affected\", value:\"'jackson-databind' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n2.4.2-2+deb8u14.\n\nWe recommend that you upgrade your jackson-databind packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libjackson2-databind-java\", ver:\"2.4.2-2+deb8u14\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libjackson2-databind-java-doc\", ver:\"2.4.2-2+deb8u14\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-09-12T16:55:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-09-11T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4520-1 (trafficserver - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9515", "CVE-2019-9512", "CVE-2019-9518", "CVE-2019-9514"], "modified": "2019-09-11T00:00:00", "id": "OPENVAS:1361412562310704520", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704520", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704520\");\n script_version(\"2019-09-11T02:00:16+0000\");\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\", \"CVE-2019-9518\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-09-11 02:00:16 +0000 (Wed, 11 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-09-11 02:00:16 +0000 (Wed, 11 Sep 2019)\");\n script_name(\"Debian Security Advisory DSA 4520-1 (trafficserver - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB10\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4520.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4520-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'trafficserver'\n package(s) announced via the DSA-4520-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities were discovered in the HTTP/2 code of Apache\nTraffic Server, a reverse and forward proxy server, which could result\nin denial of service.\n\nThe fixes are too intrusive to backport to the version in the oldstable\ndistribution (stretch). An upgrade to Debian stable (buster) is\nrecommended instead.\");\n\n script_tag(name:\"affected\", value:\"'trafficserver' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (buster), these problems have been fixed in\nversion 8.0.2+ds-1+deb10u1.\n\nWe recommend that you upgrade your trafficserver packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"trafficserver\", ver:\"8.0.2+ds-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"trafficserver-dev\", ver:\"8.0.2+ds-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"trafficserver-experimental-plugins\", ver:\"8.0.2+ds-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-09T16:55:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-03-06T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for jackson-databind (DLA-2135-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9548", "CVE-2020-9546", "CVE-2020-9547"], "modified": "2020-03-06T00:00:00", "id": "OPENVAS:1361412562310892135", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892135", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892135\");\n script_version(\"2020-03-06T04:00:09+0000\");\n script_cve_id(\"CVE-2020-9546\", \"CVE-2020-9547\", \"CVE-2020-9548\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-06 04:00:09 +0000 (Fri, 06 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-06 04:00:09 +0000 (Fri, 06 Mar 2020)\");\n script_name(\"Debian LTS: Security Advisory for jackson-databind (DLA-2135-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2135-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-databind'\n package(s) announced via the DLA-2135-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The following CVEs were reported for jackson-databind source package.\n\nCVE-2020-9546\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related\nto org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig\n(aka shaded hikari-config).\n\nCVE-2020-9547\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related\nto com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig\n(aka ibatis-sqlmap).\n\nCVE-2020-9548\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related\nto br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).\");\n\n script_tag(name:\"affected\", value:\"'jackson-databind' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n2.4.2-2+deb8u12.\n\nWe recommend that you upgrade your jackson-databind packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libjackson2-databind-java\", ver:\"2.4.2-2+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libjackson2-databind-java-doc\", ver:\"2.4.2-2+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-02-20T22:53:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-02-20T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for netty (DLA-2109-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-7238", "CVE-2019-20445", "CVE-2019-20444"], "modified": "2020-02-20T00:00:00", "id": "OPENVAS:1361412562310892109", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892109", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892109\");\n script_version(\"2020-02-20T04:00:07+0000\");\n script_cve_id(\"CVE-2019-20444\", \"CVE-2019-20445\", \"CVE-2020-7238\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-02-20 04:00:07 +0000 (Thu, 20 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-20 04:00:07 +0000 (Thu, 20 Feb 2020)\");\n script_name(\"Debian LTS: Security Advisory for netty (DLA-2109-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2020/02/msg00017.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2109-1\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/950966\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/950967\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'netty'\n package(s) announced via the DLA-2109-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities were discovered in the HTTP server provided by\nNetty, a Java NIO client/server socket framework:\n\nCVE-2019-20444\n\nHttpObjectDecoder.java allows an HTTP header that lacks a colon,\nwhich might be interpreted as a separate header with an incorrect\nsyntax, or might be interpreted as an 'invalid fold.'\n\nCVE-2019-20445\n\nHttpObjectDecoder.java allows a Content-Length header to be\naccompanied by a second Content-Length header, or by a\nTransfer-Encoding header.\n\nCVE-2020-7238\n\nNetty allows HTTP Request Smuggling because it mishandles\nTransfer-Encoding whitespace (such as a\n[space]Transfer-Encoding:chunked line) and a later Content-Length\nheader.\");\n\n script_tag(name:\"affected\", value:\"'netty' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n1:3.2.6.Final-2+deb8u2.\n\nWe recommend that you upgrade your netty packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libnetty-java\", ver:\"1:3.2.6.Final-2+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-08-27T12:51:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-08-27T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4508-1 (h2o - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9515", "CVE-2019-9512", "CVE-2019-9514"], "modified": "2019-08-27T00:00:00", "id": "OPENVAS:1361412562310704508", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704508", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704508\");\n script_version(\"2019-08-27T02:00:16+0000\");\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-08-27 02:00:16 +0000 (Tue, 27 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-08-27 02:00:16 +0000 (Tue, 27 Aug 2019)\");\n script_name(\"Debian Security Advisory DSA 4508-1 (h2o - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB10\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4508.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4508-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'h2o'\n package(s) announced via the DSA-4508-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Three vulnerabilities were discovered in the HTTP/2 code of the H2O HTTP\nserver, which could result in denial of service.\");\n\n script_tag(name:\"affected\", value:\"'h2o' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (buster), these problems have been fixed in\nversion 2.2.5+dfsg2-2+deb10u1.\n\nWe recommend that you upgrade your h2o packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"h2o\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"h2o-doc\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o-dev\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o-dev-common\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o-evloop-dev\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o-evloop0.13\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o0.13\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-02-20T22:53:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-02-20T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for netty-3.9 (DLA-2110-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-7238", "CVE-2014-0193", "CVE-2019-16869", "CVE-2014-3488", "CVE-2019-20445", "CVE-2019-20444"], "modified": "2020-02-20T00:00:00", "id": "OPENVAS:1361412562310892110", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892110", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892110\");\n script_version(\"2020-02-20T04:00:10+0000\");\n script_cve_id(\"CVE-2014-0193\", \"CVE-2014-3488\", \"CVE-2019-16869\", \"CVE-2019-20444\", \"CVE-2019-20445\", \"CVE-2020-7238\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-02-20 04:00:10 +0000 (Thu, 20 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-20 04:00:10 +0000 (Thu, 20 Feb 2020)\");\n script_name(\"Debian LTS: Security Advisory for netty-3.9 (DLA-2110-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2020/02/msg00018.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2110-1\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/746639\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/941266\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/950966\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/950967\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'netty-3.9'\n package(s) announced via the DLA-2110-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities were discovered in Netty, a Java NIO\nclient/server socket framework:\n\nCVE-2014-0193\n\nWebSocket08FrameDecoder allows remote attackers to cause a denial\nof service (memory consumption) via a TextWebSocketFrame followed\nby a long stream of ContinuationWebSocketFrames.\n\nCVE-2014-3488\n\nThe SslHandler allows remote attackers to cause a denial of\nservice (infinite loop and CPU consumption) via a crafted\nSSLv2Hello message.\n\nCVE-2019-16869\n\nNetty mishandles whitespace before the colon in HTTP headers (such\nas a 'Transfer-Encoding : chunked' line), which leads to HTTP\nrequest smuggling.\n\nCVE-2019-20444\n\nHttpObjectDecoder.java allows an HTTP header that lacks a colon,\nwhich might be interpreted as a separate header with an incorrect\nsyntax, or might be interpreted as an 'invalid fold.'\n\nCVE-2019-20445\n\nHttpObjectDecoder.java allows a Content-Length header to be\naccompanied by a second Content-Length header, or by a\nTransfer-Encoding header.\n\nCVE-2020-7238\n\nNetty allows HTTP Request Smuggling because it mishandles\nTransfer-Encoding whitespace (such as a\n[space]Transfer-Encoding:chunked line) and a later Content-Length\nheader.\");\n\n script_tag(name:\"affected\", value:\"'netty-3.9' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n3.9.0.Final-1+deb8u1.\n\nWe recommend that you upgrade your netty-3.9 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libnetty-3.9-java\", ver:\"3.9.0.Final-1+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-07-21T20:05:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-07-02T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for jackson-databind (DLA-2270-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-14061", "CVE-2020-14060", "CVE-2020-14062", "CVE-2020-14195"], "modified": "2020-07-03T00:00:00", "id": "OPENVAS:1361412562310892270", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892270", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892270\");\n script_version(\"2020-07-03T07:30:29+0000\");\n script_cve_id(\"CVE-2020-14060\", \"CVE-2020-14061\", \"CVE-2020-14062\", \"CVE-2020-14195\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-07-03 07:30:29 +0000 (Fri, 03 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-07-02 03:12:57 +0000 (Thu, 02 Jul 2020)\");\n script_name(\"Debian LTS: Security Advisory for jackson-databind (DLA-2270-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2020/07/msg00001.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2270-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-databind'\n package(s) announced via the DLA-2270-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"There were several CVE(s) reported against src:jackson-databind,\nwhich are as follows:\n\nCVE-2020-14060\n\nFasterXML jackson-databind 2.x before 2.9.10.5 mishandles the\ninteraction between serialization gadgets and typing, related\nto oadd.org.apache.xalan.lib.sql.JNDIConnectionPool\n(aka apache/drill).\n\nCVE-2020-14061\n\nFasterXML jackson-databind 2.x before 2.9.10.5 mishandles the\ninteraction between serialization gadgets and typing, related\nto oracle.jms.AQjmsQueueConnectionFactory,\noracle.jms.AQjmsXATopicConnectionFactory,\noracle.jms.AQjmsTopicConnectionFactory,\noracle.jms.AQjmsXAQueueConnectionFactory, and\noracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).\n\nCVE-2020-14062\n\nFasterXML jackson-databind 2.x before 2.9.10.5 mishandles the\ninteraction between serialization gadgets and typing, related\nto com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool\n(aka xalan2).\n\nCVE-2020-14195\n\nFasterXML jackson-databind 2.x before 2.9.10.5 mishandles the\ninteraction between serialization gadgets and typing, related\nto org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).\");\n\n script_tag(name:\"affected\", value:\"'jackson-databind' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n2.4.2-2+deb8u15.\n\nWe recommend that you upgrade your jackson-databind packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libjackson2-databind-java\", ver:\"2.4.2-2+deb8u15\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libjackson2-databind-java-doc\", ver:\"2.4.2-2+deb8u15\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-27T17:03:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-03-23T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for jackson-databind (DLA-2153-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10672", "CVE-2020-10673"], "modified": "2020-03-26T00:00:00", "id": "OPENVAS:1361412562310892153", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892153", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892153\");\n script_version(\"2020-03-26T07:22:55+0000\");\n script_cve_id(\"CVE-2020-10672\", \"CVE-2020-10673\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-26 07:22:55 +0000 (Thu, 26 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-23 04:00:08 +0000 (Mon, 23 Mar 2020)\");\n script_name(\"Debian LTS: Security Advisory for jackson-databind (DLA-2153-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2020/03/msg00027.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2153-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-databind'\n package(s) announced via the DLA-2153-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The following CVE(s) were reported against jackson-databind.\n\nCVE-2020-10672\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related to\norg.apache.aries.transaction.jms.internal.XaPooledConnectionFactory\n(aka aries.transaction.jms).\n\nCVE-2020-10673\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related to\ncom.caucho.config.types.ResourceRef (aka caucho-quercus).\");\n\n script_tag(name:\"affected\", value:\"'jackson-databind' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n2.4.2-2+deb8u13.\n\nWe recommend that you upgrade your jackson-databind packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libjackson2-databind-java\", ver:\"2.4.2-2+deb8u13\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libjackson2-databind-java-doc\", ver:\"2.4.2-2+deb8u13\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-10-30T10:20:45", "description": "Apache Traffic Server is prone to multiple denial of service vulnerabilities\n in the HTTP/2 implementation.", "cvss3": {}, "published": "2019-10-28T00:00:00", "type": "openvas", "title": "Apache Traffic Server (ATS) Multiple HTTP/2 DoS vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9515", "CVE-2019-9512", "CVE-2019-10079", "CVE-2019-9514"], "modified": "2019-10-28T00:00:00", "id": "OPENVAS:1361412562310143069", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310143069", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:apache:traffic_server\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.143069\");\n script_version(\"2019-10-28T05:15:58+0000\");\n script_tag(name:\"last_modification\", value:\"2019-10-28 05:15:58 +0000 (Mon, 28 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-28 05:08:21 +0000 (Mon, 28 Oct 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\", \"CVE-2019-10079\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Apache Traffic Server (ATS) Multiple HTTP/2 DoS vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_apache_traffic_detect.nasl\");\n script_mandatory_keys(\"apache_trafficserver/installed\");\n\n script_tag(name:\"summary\", value:\"Apache Traffic Server is prone to multiple denial of service vulnerabilities\n in the HTTP/2 implementation.\");\n\n script_tag(name:\"insight\", value:\"Apache Traffic Server is prone to multiple denial of service vulnerabilities:\n\n - Ping Flood (CVE-2019-9512)\n\n - Reset Flood (CVE-2019-9514)\n\n - Settings Flood (CVE-2019-9515)\n\n - Malformed SETTINGS frames (CVE-2019-10079)\");\n\n script_tag(name:\"affected\", value:\"Apache Traffic Server versions 6.0.0 - 6.2.3, 7.0.0 - 7.1.6 and 8.0.0 - 8.0.3.\");\n\n script_tag(name:\"solution\", value:\"Update to version 7.1.7, 8.0.4 or later.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_xref(name:\"URL\", value:\"https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!version = get_app_version(cpe: CPE, port: port))\n exit(0);\n\nif (version_in_range(version: version, test_version: \"6.0.0\", test_version2: \"6.2.3\") ||\n version_in_range(version: version, test_version: \"7.0.0\", test_version2: \"7.1.6\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"7.1.7\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"8.0.0\", test_version2: \"8.0.3\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.0.4\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-02-24T16:53:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-02-21T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for jackson-databind (DLA-2111-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-8840", "CVE-2019-20330"], "modified": "2020-02-21T00:00:00", "id": "OPENVAS:1361412562310892111", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892111", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892111\");\n script_version(\"2020-02-21T04:00:10+0000\");\n script_cve_id(\"CVE-2019-20330\", \"CVE-2020-8840\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-02-21 04:00:10 +0000 (Fri, 21 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-21 04:00:10 +0000 (Fri, 21 Feb 2020)\");\n script_name(\"Debian LTS: Security Advisory for jackson-databind (DLA-2111-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2020/02/msg00020.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2111-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-databind'\n package(s) announced via the DLA-2111-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was found that jackson-databind, a Java library used to parse JSON and\nother data formats, could deserialize data without proper validation,\nallowing a maliciously client to perform remote code execution on a\nservice with the required characteristics.\");\n\n script_tag(name:\"affected\", value:\"'jackson-databind' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n2.4.2-2+deb8u11.\n\nWe recommend that you upgrade your jackson-databind packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libjackson2-databind-java\", ver:\"2.4.2-2+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libjackson2-databind-java-doc\", ver:\"2.4.2-2+deb8u11\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:38:31", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2019-1967)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191967", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191967", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1967\");\n script_version(\"2020-01-23T12:28:43+0000\");\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:28:43 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:28:43 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2019-1967)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1967\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1967\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'golang' package(s) announced via the EulerOS-SA-2019-1967 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.(CVE-2019-9512)\n\nSome HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.(CVE-2019-9514)\");\n\n script_tag(name:\"affected\", value:\"'golang' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"golang\", rpm:\"golang~1.12~5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"golang-bin\", rpm:\"golang-bin~1.12~5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"golang-src\", rpm:\"golang-src~1.12~5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "debian": [{"lastseen": "2021-10-22T12:23:36", "description": "Package : jackson-databind\nVersion : 2.4.2-2+deb8u14\nCVE ID : CVE-2020-10968 CVE-2020-10969 CVE-2020-11111\n CVE-2020-11112 CVE-2020-11113 CVE-2020-11619\n CVE-2020-11620\n\n\nFollowing CVEs were reported against the jackson-databind source package\n:\n\nCVE-2020-10968\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to org.aoju.bus.proxy.provider.remoting.RmiProvider\n (aka bus-proxy).\n\nCVE-2020-10969\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to javax.swing.JEditorPane.\n\nCVE-2020-11111\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to org.apache.activemq.* (aka activemq-jms, activemq-core,\n activemq-pool, and activemq-pool-jms).\n\nCVE-2020-11112\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to org.apache.commons.proxy.provider.remoting.RmiProvider\n (aka apache/commons-proxy).\n\nCVE-2020-11113\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to org.apache.openjpa.ee.WASRegistryManagedRuntime\n (aka openjpa).\n\nCVE-2020-11619\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to org.springframework.aop.config.MethodLocatingFactoryBean\n (aka spring-aop).\n\nCVE-2020-11620\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n2.4.2-2+deb8u14.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n\nBest,\nUtkarsh", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-04-17T23:51:40", "type": "debian", "title": "[SECURITY] [DLA 2179-1] jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620"], "modified": "2020-04-17T23:51:40", "id": "DEBIAN:DLA-2179-1:B7152", "href": "https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-08T15:12:38", "description": "Package : jackson-databind\nVersion : 2.4.2-2+deb8u14\nCVE ID : CVE-2020-10968 CVE-2020-10969 CVE-2020-11111\n CVE-2020-11112 CVE-2020-11113 CVE-2020-11619\n CVE-2020-11620\n\n\nFollowing CVEs were reported against the jackson-databind source package\n:\n\nCVE-2020-10968\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to org.aoju.bus.proxy.provider.remoting.RmiProvider\n (aka bus-proxy).\n\nCVE-2020-10969\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to javax.swing.JEditorPane.\n\nCVE-2020-11111\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to org.apache.activemq.* (aka activemq-jms, activemq-core,\n activemq-pool, and activemq-pool-jms).\n\nCVE-2020-11112\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to org.apache.commons.proxy.provider.remoting.RmiProvider\n (aka apache/commons-proxy).\n\nCVE-2020-11113\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to org.apache.openjpa.ee.WASRegistryManagedRuntime\n (aka openjpa).\n\nCVE-2020-11619\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to org.springframework.aop.config.MethodLocatingFactoryBean\n (aka spring-aop).\n\nCVE-2020-11620\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n2.4.2-2+deb8u14.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n\nBest,\nUtkarsh", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-04-17T23:51:40", "type": "debian", "title": "[SECURITY] [DLA 2179-1] jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620"], "modified": "2020-04-17T23:51:40", "id": "DEBIAN:DLA-2179-1:DDD4A", "href": "https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-05T21:15:56", "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-2364-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Roberto C. S\u00e1nchez\nSeptember 04, 2020 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : netty\nVersion : 1:4.1.7-2+deb9u2\nCVE ID : CVE-2019-20444 CVE-2019-20445 CVE-2020-7238 CVE-2020-11612\nDebian Bug : 950966 950967\n\nSeveral vulnerabilities have been discovered in netty, a Java NIO\nclient/server socket framework.\n\nCVE-2019-20444\n\n HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header\n that lacks a colon, which might be interpreted as a separate header\n with an incorrect syntax, or might be interpreted as an &quot;invalid\n fold.&quot;\n\nCVE-2019-20445\n\n HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length\n header to be accompanied by a second Content-Length header, or by a\n Transfer-Encoding header.\n\nCVE-2020-7238\n\n Netty 4.1.43.Final allows HTTP Request Smuggling because it\n mishandles Transfer-Encoding whitespace (such as a\n [space]Transfer-Encoding:chunked line) and a later Content-Length\n header. This issue exists because of an incomplete fix for\n CVE-2019-16869.\n\nCVE-2020-11612\n\n The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded\n memory allocation while decoding a ZlibEncoded byte stream. An\n attacker could send a large ZlibEncoded byte stream to the Netty\n server, forcing the server to allocate all of its free memory to a\n single decoder.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1:4.1.7-2+deb9u2.\n\nWe recommend that you upgrade your netty packages.\n\nFor the detailed security status of netty please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/netty\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-09-04T18:39:54", "type": "debian", "title": "[SECURITY] [DLA 2364-1] netty security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16869", "CVE-2019-20444", "CVE-2019-20445", "CVE-2020-11612", "CVE-2020-7238"], "modified": "2020-09-04T18:39:54", "id": "DEBIAN:DLA-2364-1:39666", "href": "https://lists.debian.org/debian-lts-announce/2020/09/msg00003.html", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-05-08T15:37:22", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4520-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nSeptember 09, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : trafficserver\nCVE ID : CVE-2019-9512 CVE-2019-9514 CVE-2019-9515 CVE-2019-9518\n\nSeveral vulnerabilities were discovered in the HTTP/2 code of Apache\nTraffic Server, a reverse and forward proxy server, which could result\nin denial of service.\n\nThe fixes are too intrusive to backport to the version in the oldstable\ndistribution (stretch). An upgrade to Debian stable (buster) is\nrecommended instead.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 8.0.2+ds-1+deb10u1.\n\nWe recommend that you upgrade your trafficserver packages.\n\nFor the detailed security status of trafficserver please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/trafficserver\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-09T20:44:25", "type": "debian", "title": "[SECURITY] [DSA 4520-1] trafficserver security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9518"], "modified": "2019-09-09T20:44:25", "id": "DEBIAN:DSA-4520-1:26CCF", "href": "https://lists.debian.org/debian-security-announce/2019/msg00168.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-01-23T04:06:13", "description": "Package : jackson-databind\nVersion : 2.4.2-2+deb8u12\nCVE ID : CVE-2020-9546 CVE-2020-9547 CVE-2020-9548\n\n\nThe following CVEs were reported for jackson-databind source package.\n\nCVE-2020-9546\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig\n (aka shaded hikari-config).\n\nCVE-2020-9547\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig\n (aka ibatis-sqlmap).\n\nCVE-2020-9548\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n2.4.2-2+deb8u12.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n\nBest,\nUtkarsh", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-03-05T22:55:37", "type": "debian", "title": "[SECURITY] [DLA 2135-1] jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "modified": "2020-03-05T22:55:37", "id": "DEBIAN:DLA-2135-1:92903", "href": "https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-22T12:26:54", "description": "Package : jackson-databind\nVersion : 2.4.2-2+deb8u12\nCVE ID : CVE-2020-9546 CVE-2020-9547 CVE-2020-9548\n\n\nThe following CVEs were reported for jackson-databind source package.\n\nCVE-2020-9546\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig\n (aka shaded hikari-config).\n\nCVE-2020-9547\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig\n (aka ibatis-sqlmap).\n\nCVE-2020-9548\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related\n to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n2.4.2-2+deb8u12.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n\nBest,\nUtkarsh", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-03-05T22:55:37", "type": "debian", "title": "[SECURITY] [DLA 2135-1] jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "modified": "2020-03-05T22:55:37", "id": "DEBIAN:DLA-2135-1:08B42", "href": "https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-05T21:24:42", "description": "Package : netty\nVersion : 1:3.2.6.Final-2+deb8u2\nCVE ID : CVE-2019-20444 CVE-2019-20445 CVE-2020-7238\nDebian Bug : 950966 950967\n\n\nSeveral vulnerabilities were discovered in the HTTP server provided by\nNetty, a Java NIO client/server socket framework:\n\nCVE-2019-20444\n\n HttpObjectDecoder.java allows an HTTP header that lacks a colon,\n which might be interpreted as a separate header with an incorrect\n syntax, or might be interpreted as an &quot;invalid fold.&quot;\n\nCVE-2019-20445\n\n HttpObjectDecoder.java allows a Content-Length header to be\n accompanied by a second Content-Length header, or by a\n Transfer-Encoding header.\n\nCVE-2020-7238\n\n Netty allows HTTP Request Smuggling because it mishandles\n Transfer-Encoding whitespace (such as a\n [space]Transfer-Encoding:chunked line) and a later Content-Length\n header.\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n1:3.2.6.Final-2+deb8u2.\n\nWe recommend that you upgrade your netty packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-02-19T18:04:02", "type": "debian", "title": "[SECURITY] [DLA 2109-1] netty security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "modified": "2020-02-19T18:04:02", "id": "DEBIAN:DLA-2109-1:DE8EC", "href": "https://lists.debian.org/debian-lts-announce/2020/02/msg00017.html", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-03-05T21:15:54", "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-2365-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Roberto C. S\u00e1nchez\nSeptember 04, 2020 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : netty-3.9\nVersion : 3.9.9.Final-1+deb9u1\nCVE ID : CVE-2019-16869 CVE-2019-20444 CVE-2019-20445\nDebian Bug : 941266 950966 950967\n\nSeveral vulnerabilities have been discovered in netty-3.9, a Java NIO\nclient/server socket framework.\n\nCVE-2019-16869\n\n Netty before 4.1.42.Final mishandles whitespace before the colon in\n HTTP headers (such as a &quot;Transfer-Encoding : chunked&quot; line), which\n leads to HTTP request smuggling.\n\nCVE-2019-20444\n\n HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header\n that lacks a colon, which might be interpreted as a separate header\n with an incorrect syntax, or might be interpreted as an &quot;invalid\n fold.&quot;\n\nCVE-2019-20445\n\n HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length\n header to be accompanied by a second Content-Length header, or by a\n Transfer-Encoding header.\n\nFor Debian 9 stretch, these problems have been fixed in version\n3.9.9.Final-1+deb9u1.\n\nWe recommend that you upgrade your netty-3.9 packages.\n\nFor the detailed security status of netty-3.9 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/netty-3.9\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-09-04T18:41:04", "type": "debian", "title": "[SECURITY] [DLA 2365-1] netty-3.9 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16869", "CVE-2019-20444", "CVE-2019-20445"], "modified": "2020-09-04T18:41:04", "id": "DEBIAN:DLA-2365-1:41B26", "href": "https://lists.debian.org/debian-lts-announce/2020/09/msg00004.html", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-05-08T15:38:17", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4508-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nAugust 24, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : h2o\nCVE ID : CVE-2019-9512 CVE-2019-9514 CVE-2019-9515\n\nThree vulnerabilities were discovered in the HTTP/2 code of the H2O HTTP\nserver, which could result in denial of service.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 2.2.5+dfsg2-2+deb10u1.\n\nWe recommend that you upgrade your h2o packages.\n\nFor the detailed security status of h2o please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/h2o\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-24T14:44:01", "type": "debian", "title": "[SECURITY] [DSA 4508-1] h2o security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515"], "modified": "2019-08-24T14:44:01", "id": "DEBIAN:DSA-4508-1:2E656", "href": "https://lists.debian.org/debian-security-announce/2019/msg00156.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-03-05T21:24:43", "description": "Package : netty-3.9\nVersion : 3.9.0.Final-1+deb8u1\nCVE ID : CVE-2014-0193 CVE-2014-3488 CVE-2019-16869 CVE-2019-20444 \n CVE-2019-20445 CVE-2020-7238\nDebian Bug : 746639 941266 950966 950967\n\n\nSeveral vulnerabilities were discovered in Netty, a Java NIO\nclient/server socket framework:\n\nCVE-2014-0193\n\n WebSocket08FrameDecoder allows remote attackers to cause a denial\n of service (memory consumption) via a TextWebSocketFrame followed\n by a long stream of ContinuationWebSocketFrames.\n\nCVE-2014-3488\n\n The SslHandler allows remote attackers to cause a denial of\n service (infinite loop and CPU consumption) via a crafted\n SSLv2Hello message.\n\nCVE-2019-16869\n\n Netty mishandles whitespace before the colon in HTTP headers (such\n as a &quot;Transfer-Encoding : chunked&quot; line), which leads to HTTP\n request smuggling.\n\nCVE-2019-20444\n\n HttpObjectDecoder.java allows an HTTP header that lacks a colon,\n which might be interpreted as a separate header with an incorrect\n syntax, or might be interpreted as an &quot;invalid fold.&quot;\n\nCVE-2019-20445\n\n HttpObjectDecoder.java allows a Content-Length header to be\n accompanied by a second Content-Length header, or by a\n Transfer-Encoding header.\n\nCVE-2020-7238\n\n Netty allows HTTP Request Smuggling because it mishandles\n Transfer-Encoding whitespace (such as a\n [space]Transfer-Encoding:chunked line) and a later Content-Length\n header.\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n3.9.0.Final-1+deb8u1.\n\nWe recommend that you upgrade your netty-3.9 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-02-19T18:04:08", "type": "debian", "title": "[SECURITY] [DLA 2110-1] netty-3.9 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0193", "CVE-2014-3488", "CVE-2019-16869", "CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "modified": "2020-02-19T18:04:08", "id": "DEBIAN:DLA-2110-1:96368", "href": "https://lists.debian.org/debian-lts-announce/2020/02/msg00018.html", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-01-08T15:07:13", "description": "Package : jackson-databind\nVersion : 2.4.2-2+deb8u15\nCVE ID : CVE-2020-14060 CVE-2020-14061 CVE-2020-14062\n CVE-2020-14195\n\n\nThere were several CVE(s) reported against src:jackson-databind,\nwhich are as follows:\n\nCVE-2020-14060\n\n FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the\n interaction between serialization gadgets and typing, related\n to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool\n (aka apache/drill).\n\nCVE-2020-14061\n\n FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the\n interaction between serialization gadgets and typing, related\n to oracle.jms.AQjmsQueueConnectionFactory,\n oracle.jms.AQjmsXATopicConnectionFactory,\n oracle.jms.AQjmsTopicConnectionFactory,\n oracle.jms.AQjmsXAQueueConnectionFactory, and\n oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).\n\nCVE-2020-14062\n\n FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the\n interaction between serialization gadgets and typing, related\n to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool\n (aka xalan2).\n\nCVE-2020-14195\n\n FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the\n interaction between serialization gadgets and typing, related\n to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n2.4.2-2+deb8u15.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-07-01T12:28:47", "type": "debian", "title": "[SECURITY] [DLA 2270-1] jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14195"], "modified": "2020-07-01T12:28:47", "id": "DEBIAN:DLA-2270-1:A2D41", "href": "https://lists.debian.org/debian-lts-announce/2020/07/msg00001.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-22T11:21:27", "description": "Package : jackson-databind\nVersion : 2.4.2-2+deb8u15\nCVE ID : CVE-2020-14060 CVE-2020-14061 CVE-2020-14062\n CVE-2020-14195\n\n\nThere were several CVE(s) reported against src:jackson-databind,\nwhich are as follows:\n\nCVE-2020-14060\n\n FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the\n interaction between serialization gadgets and typing, related\n to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool\n (aka apache/drill).\n\nCVE-2020-14061\n\n FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the\n interaction between serialization gadgets and typing, related\n to oracle.jms.AQjmsQueueConnectionFactory,\n oracle.jms.AQjmsXATopicConnectionFactory,\n oracle.jms.AQjmsTopicConnectionFactory,\n oracle.jms.AQjmsXAQueueConnectionFactory, and\n oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).\n\nCVE-2020-14062\n\n FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the\n interaction between serialization gadgets and typing, related\n to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool\n (aka xalan2).\n\nCVE-2020-14195\n\n FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the\n interaction between serialization gadgets and typing, related\n to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n2.4.2-2+deb8u15.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-07-01T12:28:47", "type": "debian", "title": "[SECURITY] [DLA 2270-1] jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14195"], "modified": "2020-07-01T12:28:47", "id": "DEBIAN:DLA-2270-1:4546C", "href": "https://lists.debian.org/debian-lts-announce/2020/07/msg00001.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-07T14:36:52", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4885-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nApril 05, 2021 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : netty\nCVE ID : CVE-2019-20444 CVE-2019-20445 CVE-2020-7238 CVE-2020-11612 \n CVE-2021-21290 CVE-2021-21295 CVE-2021-21409\n\nMultiple security issues were discovered in Netty, a Java NIO\nclient/server framework, which could result in HTTP request smuggling,\ndenial of service or information disclosure.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1:4.1.33-1+deb10u2.\n\nWe recommend that you upgrade your netty packages.\n\nFor the detailed security status of netty please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/netty\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-04-05T19:06:20", "type": "debian", "title": "[SECURITY] [DSA 4885-1] netty security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20444", "CVE-2019-20445", "CVE-2020-11612", "CVE-2020-7238", "CVE-2021-21290", "CVE-2021-21295", "CVE-2021-21409"], "modified": "2021-04-05T19:06:20", "id": "DEBIAN:DSA-4885-1:31BC0", "href": "https://lists.debian.org/debian-security-announce/2021/msg00066.html", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-01-05T14:57:42", "description": "Package : jackson-databind\nVersion : 2.4.2-2+deb8u13\nCVE ID : CVE-2020-10672 CVE-2020-10673\n\n\nThe following CVE(s) were reported against jackson-databind.\n\nCVE-2020-10672\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related to\n org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory\n (aka aries.transaction.jms).\n\nCVE-2020-10673\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related to\n com.caucho.config.types.ResourceRef (aka caucho-quercus).\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n2.4.2-2+deb8u13.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n\nBest,\nUtkarsh", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-03-22T12:03:56", "type": "debian", "title": "[SECURITY] [DLA 2153-1] jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10672", "CVE-2020-10673"], "modified": "2020-03-22T12:03:56", "id": "DEBIAN:DLA-2153-1:D5ADC", "href": "https://lists.debian.org/debian-lts-announce/2020/03/msg00027.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-22T12:25:11", "description": "Package : jackson-databind\nVersion : 2.4.2-2+deb8u13\nCVE ID : CVE-2020-10672 CVE-2020-10673\n\n\nThe following CVE(s) were reported against jackson-databind.\n\nCVE-2020-10672\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related to\n org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory\n (aka aries.transaction.jms).\n\nCVE-2020-10673\n\n FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\n interaction between serialization gadgets and typing, related to\n com.caucho.config.types.ResourceRef (aka caucho-quercus).\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n2.4.2-2+deb8u13.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n\nBest,\nUtkarsh", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-03-22T12:03:56", "type": "debian", "title": "[SECURITY] [DLA 2153-1] jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10672", "CVE-2020-10673"], "modified": "2020-03-22T12:03:56", "id": "DEBIAN:DLA-2153-1:5061A", "href": "https://lists.debian.org/debian-lts-announce/2020/03/msg00027.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-22T11:25:42", "description": "Package : jackson-databind\nVersion : 2.4.2-2+deb8u11\nCVE ID : CVE-2019-20330 CVE-2020-8840\n\nIt was found that jackson-databind, a Java library used to parse JSON and\nother data formats, could deserialize data without proper validation,\nallowing a maliciously client to perform remote code execution on a\nservice with the required characteristics.\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n2.4.2-2+deb8u11.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-02-20T15:46:53", "type": "debian", "title": "[SECURITY] [DLA 2111-1] jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20330", "CVE-2020-8840"], "modified": "2020-02-20T15:46:53", "id": "DEBIAN:DLA-2111-1:E5D8F", "href": "https://lists.debian.org/debian-lts-announce/2020/02/msg00020.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-05T03:10:09", "description": "Package : jackson-databind\nVersion : 2.4.2-2+deb8u11\nCVE ID : CVE-2019-20330 CVE-2020-8840\n\nIt was found that jackson-databind, a Java library used to parse JSON and\nother data formats, could deserialize data without proper validation,\nallowing a maliciously client to perform remote code execution on a\nservice with the required characteristics.\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n2.4.2-2+deb8u11.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-02-20T15:46:53", "type": "debian", "title": "[SECURITY] [DLA 2111-1] jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20330", "CVE-2020-8840"], "modified": "2020-02-20T15:46:53", "id": "DEBIAN:DLA-2111-1:8FC8D", "href": "https://lists.debian.org/debian-lts-announce/2020/02/msg00020.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-05T21:14:59", "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-2485-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Brian May\nDecember 09, 2020 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : golang-golang-x-net-dev\nVersion : 1:0.0+git20161013.8b4af36+dfsg-3+deb9u1\nCVE ID : CVE-2019-9512 CVE-2019-9514\n\nThe http2 server support in this package was vulnerable to\ncertain types of DOS attacks.\n\nCVE-2019-9512\n\n This code was vulnerable to ping floods, potentially leading to a denial of\n service. The attacker sends continual pings to an HTTP/2 peer, causing the peer\n to build an internal queue of responses. Depending on how efficiently this data\n is queued, this can consume excess CPU, memory, or both.\n\nCVE-2019-9514\n\n This code was vulnerable to a reset flood, potentially leading to a denial\n of service. The attacker opens a number of streams and sends an invalid request\n over each stream that should solicit a stream of RST_STREAM frames from the\n peer. Depending on how the peer queues the RST_STREAM frames, this can consume\n excess memory, CPU, or both.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1:0.0+git20161013.8b4af36+dfsg-3+deb9u1.\n\nWe recommend that you upgrade your golang-golang-x-net-dev packages.\n\nFor the detailed security status of golang-golang-x-net-dev please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/golang-golang-x-net-dev\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-08T22:15:45", "type": "debian", "title": "[SECURITY] [DLA 2485-1] golang-golang-x-net-dev security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2020-12-08T22:15:45", "id": "DEBIAN:DLA-2485-1:44FAA", "href": "https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2023-05-19T14:04:39", "description": "Following CVEs were reported against the jackson-databind source package :\n\nCVE-2020-10968\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).\n\nCVE-2020-10969\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.\n\nCVE-2020-11111\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).\n\nCVE-2020-11112\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).\n\nCVE-2020-11113\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).\n\nCVE-2020-11619\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).\n\nCVE-2020-11620\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).\n\nFor Debian 8 'Jessie', these problems have been fixed in version 2.4.2-2+deb8u14.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-04-20T00:00:00", "type": "nessus", "title": "Debian DLA-2179-1 : jackson-databind security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libjackson2-databind-java", "p-cpe:/a:debian:debian_linux:libjackson2-databind-java-doc", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-2179.NASL", "href": "https://www.tenable.com/plugins/nessus/135722", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2179-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135722);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2020-10968\", \"CVE-2020-10969\", \"CVE-2020-11111\", \"CVE-2020-11112\", \"CVE-2020-11113\", \"CVE-2020-11619\", \"CVE-2020-11620\");\n\n script_name(english:\"Debian DLA-2179-1 : jackson-databind security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Following CVEs were reported against the jackson-databind source\npackage :\n\nCVE-2020-10968\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related to\norg.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).\n\nCVE-2020-10969\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related to\njavax.swing.JEditorPane.\n\nCVE-2020-11111\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related to\norg.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool,\nand activemq-pool-jms).\n\nCVE-2020-11112\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related to\norg.apache.commons.proxy.provider.remoting.RmiProvider (aka\napache/commons-proxy).\n\nCVE-2020-11113\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related to\norg.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).\n\nCVE-2020-11619\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related to\norg.springframework.aop.config.MethodLocatingFactoryBean (aka\nspring-aop).\n\nCVE-2020-11620\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related to\norg.apache.commons.jelly.impl.Embedded (aka commons-jelly).\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n2.4.2-2+deb8u14.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/jackson-databind\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjackson2-databind-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjackson2-databind-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libjackson2-databind-java\", reference:\"2.4.2-2+deb8u14\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libjackson2-databind-java-doc\", reference:\"2.4.2-2+deb8u14\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:04:34", "description": "According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 16.1.x or 16.2.x prior to 16.2.16.2, or 17.7.x through 17.12.x prior to 17.12.11.4, or 18.8.x prior to 18.8.17, or 19.12.x prior to 19.12.7. It is, therefore, affected by multiple vulnerabilities, including the following:\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Platform (jackson-databind)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8 and 19.12.\n Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Unifier. Successful attacks of this vulnerability can result in takeover of Primavera Unifier. (CVE-2020-9546)\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Core (Apache Ant)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8 and 19.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Unifier. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Primavera Unifier accessible data as well as unauthorized access to critical data or complete access to all Primavera Unifier accessible data. (CVE-2020-1945)\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Mobile App). The supported version that is affected is Prior to 20.6. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Primavera Unifier. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Primavera Unifier accessible data as well as unauthorized update, insert or delete access to some of Primavera Unifier accessible data.\n (CVE-2020-14618)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-07-15T00:00:00", "type": "nessus", "title": "Oracle Primavera Unifier Multiple Vulnerabilities (Jul 2020 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10650", "CVE-2020-10672", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-14617", "CVE-2020-14618", "CVE-2020-1945", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:oracle:primavera_unifier"], "id": "ORACLE_PRIMAVERA_UNIFIER_CPU_JUL_2020.NASL", "href": "https://www.tenable.com/plugins/nessus/138508", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138508);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-1945\",\n \"CVE-2020-9546\",\n \"CVE-2020-9547\",\n \"CVE-2020-9548\",\n \"CVE-2020-10650\",\n \"CVE-2020-10672\",\n \"CVE-2020-10968\",\n \"CVE-2020-10969\",\n \"CVE-2020-11111\",\n \"CVE-2020-11112\",\n \"CVE-2020-11113\",\n \"CVE-2020-11619\",\n \"CVE-2020-11620\",\n \"CVE-2020-14617\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0324\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Oracle Primavera Unifier Multiple Vulnerabilities (Jul 2020 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web\nserver is 16.1.x or 16.2.x prior to 16.2.16.2, or 17.7.x through 17.12.x prior to 17.12.11.4, or 18.8.x prior to\n18.8.17, or 19.12.x prior to 19.12.7. It is, therefore, affected by multiple vulnerabilities, including the following:\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Platform\n (jackson-databind)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8 and 19.12.\n Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to\n compromise Primavera Unifier. Successful attacks of this vulnerability can result in takeover of Primavera\n Unifier. (CVE-2020-9546)\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Core\n (Apache Ant)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8 and 19.12. Easily\n exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise\n Primavera Unifier. Successful attacks of this vulnerability can result in unauthorized creation, deletion\n or modification access to critical data or all Primavera Unifier accessible data as well as unauthorized\n access to critical data or complete access to all Primavera Unifier accessible data. (CVE-2020-1945)\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Mobile\n App). The supported version that is affected is Prior to 20.6. Difficult to exploit vulnerability allows\n unauthenticated attacker with network access via HTTPS to compromise Primavera Unifier. Successful attacks\n require human interaction from a person other than the attacker. Successful attacks of this vulnerability\n can result in unauthorized access to critical data or complete access to all Primavera Unifier accessible\n data as well as unauthorized update, insert or delete access to some of Primavera Unifier accessible data.\n (CVE-2020-14618)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/a/tech/docs/cpujul2020cvrf.xml\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpujul2020.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the July 2020 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-9546\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:primavera_unifier\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_primavera_unifier.nbin\");\n script_require_keys(\"installed_sw/Oracle Primavera Unifier\", \"www/weblogic\");\n script_require_ports(\"Services/www\", 8002);\n\n exit(0);\n}\n\ninclude('http.inc');\ninclude('vcf.inc');\n\nget_install_count(app_name:'Oracle Primavera Unifier', exit_if_zero:TRUE);\n\nport = get_http_port(default:8002);\nget_kb_item_or_exit('www/weblogic/' + port + '/installed');\n\napp_info = vcf::get_app_info(app:'Oracle Primavera Unifier', port:port);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n { 'min_version' : '16.1', 'fixed_version' : '16.2.16.2' },\n { 'min_version' : '17.7', 'fixed_version' : '17.12.11.4' },\n { 'min_version' : '18.8', 'fixed_version' : '18.8.17' },\n { 'min_version' : '19.12', 'fixed_version' : '19.12.7' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T20:38:11", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1523 advisory.\n\n - jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider (CVE-2020-10968)\n\n - jackson-databind: Serialization gadgets in javax.swing.JEditorPane (CVE-2020-10969)\n\n - jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory (CVE-2020-11111)\n\n - jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider (CVE-2020-11112)\n\n - jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime (CVE-2020-11113)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-23T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-maven35-jackson-databind (RHSA-2020:1523)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-maven35-jackson-databind", "p-cpe:/a:redhat:enterprise_linux:rh-maven35-jackson-databind-javadoc"], "id": "REDHAT-RHSA-2020-1523.NASL", "href": "https://www.tenable.com/plugins/nessus/170300", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1523. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170300);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2020-10968\",\n \"CVE-2020-10969\",\n \"CVE-2020-11111\",\n \"CVE-2020-11112\",\n \"CVE-2020-11113\"\n );\n script_xref(name:\"RHSA\", value:\"2020:1523\");\n\n script_name(english:\"RHEL 7 : rh-maven35-jackson-databind (RHSA-2020:1523)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1523 advisory.\n\n - jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider (CVE-2020-10968)\n\n - jackson-databind: Serialization gadgets in javax.swing.JEditorPane (CVE-2020-10969)\n\n - jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory\n (CVE-2020-11111)\n\n - jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider\n (CVE-2020-11112)\n\n - jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime\n (CVE-2020-11113)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10968\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10969\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11112\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11113\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1523\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1819208\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1819212\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1821304\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1821311\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1821315\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected rh-maven35-jackson-databind and / or rh-maven35-jackson-databind-javadoc packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11113\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(96, 502);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-maven35-jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-maven35-jackson-databind-javadoc\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/rhscl/1/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/os',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-maven35-jackson-databind-2.7.6-2.9.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-maven35-jackson-databind-javadoc-2.7.6-2.9.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-maven35-jackson-databind / rh-maven35-jackson-databind-javadoc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:22:47", "description": "Several vulnerabilities have been discovered in netty, a Java NIO client/server socket framework.\n\nCVE-2019-20444\n\nHttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an 'invalid fold.'\n\nCVE-2019-20445\n\nHttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header.\n\nCVE-2020-7238\n\nNetty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869.\n\nCVE-2020-11612\n\nThe ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder.\n\nFor Debian 9 stretch, these problems have been fixed in version 1:4.1.7-2+deb9u2.\n\nWe recommend that you upgrade your netty packages.\n\nFor the detailed security status of netty please refer to its security tracker page at: https://security-tracker.debian.org/tracker/netty\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-09-08T00:00:00", "type": "nessus", "title": "Debian DLA-2364-1 : netty security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16869", "CVE-2019-20444", "CVE-2019-20445", "CVE-2020-11612", "CVE-2020-7238"], "modified": "2022-12-07T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libnetty-java", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2364.NASL", "href": "https://www.tenable.com/plugins/nessus/140295", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2364-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(140295);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/07\");\n\n script_cve_id(\"CVE-2019-20444\", \"CVE-2019-20445\", \"CVE-2020-11612\", \"CVE-2020-7238\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"Debian DLA-2364-1 : netty security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities have been discovered in netty, a Java NIO\nclient/server socket framework.\n\nCVE-2019-20444\n\nHttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header\nthat lacks a colon, which might be interpreted as a separate header\nwith an incorrect syntax, or might be interpreted as an 'invalid\nfold.'\n\nCVE-2019-20445\n\nHttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length\nheader to be accompanied by a second Content-Length header, or by a\nTransfer-Encoding header.\n\nCVE-2020-7238\n\nNetty 4.1.43.Final allows HTTP Request Smuggling because it mishandles\nTransfer-Encoding whitespace (such as a\n[space]Transfer-Encoding:chunked line) and a later Content-Length\nheader. This issue exists because of an incomplete fix for\nCVE-2019-16869.\n\nCVE-2020-11612\n\nThe ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded\nmemory allocation while decoding a ZlibEncoded byte stream. An\nattacker could send a large ZlibEncoded byte stream to the Netty\nserver, forcing the server to allocate all of its free memory to a\nsingle decoder.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1:4.1.7-2+deb9u2.\n\nWe recommend that you upgrade your netty packages.\n\nFor the detailed security status of netty please refer to its security\ntracker page at: https://security-tracker.debian.org/tracker/netty\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/09/msg00003.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/netty\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/netty\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Upgrade the affected libnetty-java package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-20445\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnetty-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libnetty-java\", reference:\"1:4.1.7-2+deb9u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:23:28", "description": "The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4600-1 advisory.\n\n - Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a Transfer- Encoding : chunked line), which leads to HTTP request smuggling. (CVE-2019-16869)\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an invalid fold.\n (CVE-2019-20444)\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header. (CVE-2019-20445)\n\n - Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869. (CVE-2020-7238)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-10-22T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : Netty vulnerabilities (USN-4600-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16869", "CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libnetty-3.9-java"], "id": "UBUNTU_USN-4600-1.NASL", "href": "https://www.tenable.com/plugins/nessus/141822", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4600-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141822);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\n \"CVE-2019-16869\",\n \"CVE-2019-20444\",\n \"CVE-2019-20445\",\n \"CVE-2020-7238\"\n );\n script_xref(name:\"USN\", value:\"4600-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS : Netty vulnerabilities (USN-4600-1)\");\n script_summary(english:\"Checks the dpkg output for the updated package\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe USN-4600-1 advisory.\n\n - Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a Transfer-\n Encoding : chunked line), which leads to HTTP request smuggling. (CVE-2019-16869)\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be\n interpreted as a separate header with an incorrect syntax, or might be interpreted as an invalid fold.\n (CVE-2019-20444)\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second\n Content-Length header, or by a Transfer-Encoding header. (CVE-2019-20445)\n\n - Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such\n as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because\n of an incomplete fix for CVE-2019-16869. (CVE-2020-7238)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4600-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libnetty-3.9-java package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-20445\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnetty-3.9-java\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\npkgs = [\n {'osver': '16.04', 'pkgname': 'libnetty-3.9-java', 'pkgver': '3.9.0.Final-1ubuntu0.1'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libnetty-3.9-java');\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:41", "description": "Several vulnerabilities were discovered in the HTTP/2 code of Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service.\n\nThe fixes are too intrusive to backport to the version in the oldstable distribution (stretch). An upgrade to Debian stable (buster) is recommended instead.", "cvss3": {}, "published": "2019-09-10T00:00:00", "type": "nessus", "title": "Debian DSA-4520-1 : trafficserver - security update (Empty Frames Flood) (Ping Flood) (Reset Flood) (Settings Flood)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9518"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:trafficserver", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4520.NASL", "href": "https://www.tenable.com/plugins/nessus/128621", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4520. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128621);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\", \"CVE-2019-9518\");\n script_xref(name:\"DSA\", value:\"4520\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"Debian DSA-4520-1 : trafficserver - security update (Empty Frames Flood) (Ping Flood) (Reset Flood) (Settings Flood)\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities were discovered in the HTTP/2 code of Apache\nTraffic Server, a reverse and forward proxy server, which could result\nin denial of service.\n\nThe fixes are too intrusive to backport to the version in the\noldstable distribution (stretch). An upgrade to Debian stable (buster)\nis recommended instead.\"\n );\n # https://security-tracker.debian.org/tracker/source-package/trafficserver\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?20613153\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/trafficserver\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4520\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the trafficserver packages.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 8.0.2+ds-1+deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:trafficserver\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"trafficserver\", reference:\"8.0.2+ds-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"trafficserver-dev\", reference:\"8.0.2+ds-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"trafficserver-experimental-plugins\", reference:\"8.0.2+ds-1+deb10u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:06:00", "description": "Puppetlabs reports :\n\nIn June 2020, jackson-databind published security updates addressing several CVEs. Previous releases of PuppetDB contain a vulnerable version of jackson.core:jackson-databind. PuppetDB 5.2.18 contains an updated version of jackson-databind that has patched the vulnerabilities.", "cvss3": {}, "published": "2020-08-11T00:00:00", "type": "nessus", "title": "FreeBSD : puppetdb -- Multiple vulnerabilities (10e3ed8a-db7f-11ea-8bdf-643150d3111d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14195", "CVE-2020-9548"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:puppetdb5", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_10E3ED8ADB7F11EA8BDF643150D3111D.NASL", "href": "https://www.tenable.com/plugins/nessus/139471", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139471);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\n \"CVE-2020-14060\",\n \"CVE-2020-14061\",\n \"CVE-2020-14062\",\n \"CVE-2020-14195\",\n \"CVE-2020-9548\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"FreeBSD : puppetdb -- Multiple vulnerabilities (10e3ed8a-db7f-11ea-8bdf-643150d3111d)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Puppetlabs reports :\n\nIn June 2020, jackson-databind published security updates addressing\nseveral CVEs. Previous releases of PuppetDB contain a vulnerable\nversion of jackson.core:jackson-databind. PuppetDB 5.2.18 contains an\nupdated version of jackson-databind that has patched the\nvulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://puppet.com/security/cve/jackson-july-2020-security-fixes/\");\n # https://vuxml.freebsd.org/freebsd/10e3ed8a-db7f-11ea-8bdf-643150d3111d.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c79a242d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:puppetdb5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"puppetdb5<5.2.18\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:57:32", "description": "The following CVEs were reported for jackson-databind source package.\n\nCVE-2020-9546\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).\n\nCVE-2020-9547\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap).\n\nCVE-2020-9548\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).\n\nFor Debian 8 'Jessie', these problems have been fixed in version 2.4.2-2+deb8u12.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-03-06T00:00:00", "type": "nessus", "title": "Debian DLA-2135-1 : jackson-databind security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libjackson2-databind-java", "p-cpe:/a:debian:debian_linux:libjackson2-databind-java-doc", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-2135.NASL", "href": "https://www.tenable.com/plugins/nessus/134245", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2135-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134245);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2020-9546\", \"CVE-2020-9547\", \"CVE-2020-9548\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"Debian DLA-2135-1 : jackson-databind security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The following CVEs were reported for jackson-databind source package.\n\nCVE-2020-9546\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related to\norg.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded\nhikari-config).\n\nCVE-2020-9547\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related to\ncom.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka\nibatis-sqlmap).\n\nCVE-2020-9548\n\nFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the\ninteraction between serialization gadgets and typing, related to\nbr.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n2.4.2-2+deb8u12.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/jessie/jackson-databind\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjackson2-databind-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjackson2-databind-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libjackson2-databind-java\", reference:\"2.4.2-2+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libjackson2-databind-java-doc\", reference:\"2.4.2-2+deb8u12\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:23:30", "description": "The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4600-2 advisory.\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an invalid fold.\n (CVE-2019-20444)\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header. (CVE-2019-20445)\n\n - The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder. (CVE-2020-11612)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-10-27T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS : Netty vulnerabilities (USN-4600-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-20444", "CVE-2019-20445", "CVE-2020-11612"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libnetty-java"], "id": "UBUNTU_USN-4600-2.NASL", "href": "https://www.tenable.com/plugins/nessus/141934", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4600-2. The text\n# itself is copyright (C) Canonical, Inc. See\n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141934);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2019-20444\", \"CVE-2019-20445\", \"CVE-2020-11612\");\n script_xref(name:\"USN\", value:\"4600-2\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Ubuntu 18.04 LTS : Netty vulnerabilities (USN-4600-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe USN-4600-2 advisory.\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be\n interpreted as a separate header with an incorrect syntax, or might be interpreted as an invalid fold.\n (CVE-2019-20444)\n\n - HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second\n Content-Length header, or by a Transfer-Encoding header. (CVE-2019-20445)\n\n - The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a\n ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server,\n forcing the server to allocate all of its free memory to a single decoder. (CVE-2020-11612)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4600-2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libnetty-java package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-20445\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnetty-java\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\npkgs = [\n {'osver': '18.04', 'pkgname': 'libnetty-java', 'pkgver': '1:4.1.7-4ubuntu0.1'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libnetty-java');\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:56:44", "description": "The remote Redhat Enterprise Linux 6 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0605 advisory.\n\n - netty: HTTP request smuggling (CVE-2019-20444)\n\n - netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\n - netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-02-27T00:00:00", "type": "nessus", "title": "RHEL 6 / 8 : Red Hat JBoss Enterprise Application Platform 7.2 (RHSA-2020:0605)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-20444", "CVE-2019-20445", "CVE-2020-7238"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:eap7-netty", "p-cpe:/a:redhat:enterprise_linux:eap7-netty-all"], "id": "REDHAT-RHSA-2020-0605.NASL", "href": "https://www.tenable.com/plugins/nessus/134098", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:0605. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134098);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2019-20444\", \"CVE-2019-20445\", \"CVE-2020-7238\");\n script_xref(name:\"RHSA\", value:\"2020:0605\");\n\n script_name(english:\"RHEL 6 / 8 : Red Hat JBoss Enterprise Application Platform 7.2 (RHSA-2020:0605)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 6 / 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:0605 advisory.\n\n - netty: HTTP request smuggling (CVE-2019-20444)\n\n - netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header\n (CVE-2019-20445)\n\n - netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-20444\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-20445\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-7238\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:0605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1796225\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1798509\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1798524\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected eap7-netty and / or eap7-netty-all packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-20445\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(444);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-netty\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-netty-all\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release_list(operator: 'ge', os_version: os_ver, rhel_versions: ['6','8'])) audit(AUDIT_OS_NOT, 'Red Hat 6.x / 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/x86_64/jbeap/7.2/debug',\n 'content/dist/layered/rhel8/x86_64/jbeap/7.2/os',\n 'content/dist/layered/rhel8/x86_64/jbeap/7.2/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'eap7-netty-4.1.45-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},\n {'reference':'eap7-netty-all-4.1.45-1.Final_redhat_00001.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/server/6/6Server/x86_64/jbeap/7.2/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/jbeap/7.2/os',\n 'content/dist/rhel/server/6/6Server/x86_64/jbeap/7.2/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'eap7-netty-4.1.45-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},\n {'reference':'eap7-netty-all-4.1.45-1.Final_redhat_00001.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if