Solidfire & Hci Storage Node Security Vulnerabilities

Security Bulletin: IBM MQ Appliance vulnerable to open redirect (CVE-2024-29041)

Summary IBM MQ Appliance has addressed an open redirect vulnerability. Vulnerability Details CVEID: CVE-2024-29041 DESCRIPTION: Express.js Express could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability using....

Security Bulletin: IBM MQ Appliance is vulnerable to XML External Entity (XXE) injection and server-side request forgery (CVE-2024-22354 & CVE-2024-22329)

Summary IBM MQ Appliance has addressed XML External Entity (XXE) injection and server-side request forgery vulnerabilities. Vulnerability Details CVEID: CVE-2024-22354 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.5 are.....

Security Bulletin: IBM MQ Appliance vulnerable to "Terrapin" attack in OpenSSH (CVE-2023-48795)

Summary By manipulating sequence numbers during SSH connection setup, a MITM attacker can delete negotiation messages without causing a MAC failure. To mitigate this vulnerability, IBM MQ Appliance has removed the chacha20-poly1305 cipher and all etm HMACs from the default set of algorithms...

Security Bulletin: IBM MQ Appliance is vulnerable to a denial of service attack (CVE-2024-35116)

Summary IBM MQ Appliance has addressed a denial of service vulnerability. Vulnerability Details CVEID: CVE-2024-35116 DESCRIPTION: IBM MQ is vulnerable to a denial of service attack caused by an error applying configuration changes. CVSS Base score: 5.9 CVSS Temporal Score: See: ...

Security Bulletin: IBM MQ is vulnerable to a denial of service attack (CVE-2024-35116)

Summary IBM MQ has addressed a denial of service vulnerability. Vulnerability Details CVEID: CVE-2024-35116 DESCRIPTION: IBM MQ is vulnerable to a denial of service attack caused by an error applying configuration changes. CVSS Base score: 5.9 CVSS Temporal Score: See: ...

Security Bulletin: IBM MQ Console is affected by a password disclosure vulnerability (CVE-2024-35155)

Summary IBM MQ has addressed a password disclosure vulnerability in the IBM MQ Console. Vulnerability Details CVEID: CVE-2024-35155 DESCRIPTION: IBM MQ Console could disclose could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the...

Security Bulletin: IBM MQ is affected by a password disclosure vulnerability (CVE-2024-35156)

Summary IBM MQ has addressed a password disclosure vulnerability in the IBM MQ REST API. Vulnerability Details CVEID: CVE-2024-35156 DESCRIPTION: IBM MQ could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This...

Security Bulletin: IBM MQ is affected by a vulnerability in Eclipse Jetty (CVE-2024-22201)

Summary An issue was found in Eclipse Jetty that is shipped with the IBM MQ Explorer. Vulnerability Details CVEID: CVE-2024-22201 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by a flaw when an HTTP/2 connection gets TCP congested. By sending a specially crafted request,.....

Security Bulletin: IBM MQ is affected by a vulnerability in the IBM Runtime Environment, Java Technology Edition (CVE-2024-21085)

Summary An issue was identified with IBM Runtime Environment, Java Technology Edition, Version 8 which is shipped with IBM MQ. Vulnerability Details CVEID: CVE-2024-21085 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause low...

Security Bulletin: IBM MQ is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty

Summary Multiple issues were identified with IBM WebSphere Application Server Liberty, which IBM MQ ships and uses to supply IBM MQ Console and IBM MQ REST API functionality. Vulnerability Details CVEID: CVE-2024-25026 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere...

Security Bulletin: IBM MQ is vulnerable to a denial of service attack (CVE-2024-31919)

Summary IBM MQ has addressed a denial of service vulnerability caused by an error processing messages when an API Exit using MQBUFMH is used. Vulnerability Details CVEID: CVE-2024-31919 DESCRIPTION: IBM MQ, in certain configurations, is vulnerable to a denial of service attack caused by an error...

Security Bulletin: IBM MQ is vulnerable to a privilege escalation attack (CVE-2024-31912)

Summary IBM MQ has addressed a privilege escalation vulnerability. Vulnerability Details CVEID: CVE-2024-31912 DESCRIPTION: IBM MQ could allow an authenticated user to escalate their privileges under certain configurations due to incorrect privilege assignment. CVSS Base score: 7.5 CVSS Temporal...

IBM MQ 9.1 <= 9.1.0.22 / 9.2 <= 9.2.0.26 / 9.3 < 9.3.0.20 LTS / 9.3 < 9.4 CD (7157976)

The version of IBM MQ Server running on the remote host is affected by multiple vulnerabilities as referenced in the 7157976 advisory. IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 are vulnerable to a denial of service,...

ROS-20240627-06

A vulnerability in the Calendar component of cloud storage creation and utilization software Nextcloud Server is related to improper access control. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information Vulnerability in the 2FA component.....

IBM MQ 9.0 <= 9.0.0.26 / 9.1 <= 9.1.0.22 / 9.2 <= 9.2.0.26 / 9.3 < 9.4 CD (7158057)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7158057 advisory. Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can...

IBM MQ 9.3 < 9.3.0.20 LTS / 9.3 < 9.4 CD Privilege Escalation (7158072)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7158072 advisory. IBM MQ could allow an authenticated user to escalate their privileges under certain configurations due to incorrect privilege assignment. (CVE-2024-31912) Note that...

The Windows Registry Adventure #3: Learning resources

Posted by Mateusz Jurczyk, Google Project Zero When tackling a new vulnerability research target, especially a closed-source one, I prioritize gathering as much information about it as possible. This gets especially interesting when it's a subsystem as old and fundamental as the Windows registry......

IBM MQ DoS (7157979)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7157979 advisory. IBM MQ, in certain configurations, is vulnerable to a denial of service attack caused by an error processing messages when an API Exit using MQBUFMH is used....

IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7150929)

The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 7150929 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of ...

IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7150045)

The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6 IBM. It is, therefore, affected by multiple vulnerabilities as referenced in the 7150045 advisory. Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons ...

IBM MQ 9.0 <= 9.0.0.26 / 9.1 <= 9.1.0.22 / 9.2 <= 9.2.0.26 / 9.3 < 9.3.0.20 LTS / 9.3 < 9.4 CD (7157980)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7157980 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Concurrency). Supported versions that are affected are...

IBM MQ 9.3 < 9.3.0.20 LTS / 9.3 < 9.4 CD (7158058)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7158058 advisory. IBM MQ could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used...

IBM MQ 9.3 < 9.3.0.20 LTS / 9.3 < 9.4 CD (7158059)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7158059 advisory. IBM MQ Console could disclose could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This...

RHEL 9 : Red Hat build of MicroShift 4.16.0 (RHSA-2024:0043)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0043 advisory. Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server CVE-2024-37532

Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletin(s) listed in the...

Security Bulletin: IBM Master Data Management affected by vulnerabilites in IBM WebSphere Application Server to cross-site scripting (CVE-2024-35153)

Summary IBM Master Data Management version 11.6 and 12.0 is impacted by vulnerability in IBM WebSphere Application Server. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...

Security Bulletin: IBM Cognos Dashboards on Cloud Pak for Data has addressed security vulnerabilities

Summary There are vulnerabilities in IBM® Java™ Version 8 used by IBM Cognos Dashboards on Cloud Pak. IBM Cognos Dashboards on Cloud Pak has addressed these vulnerabilities by upgrading IBM® Java™. There are vulnerabilities in Open-Source Software (OSS) components consumed by IBM Cognos Dashboards....

Episode 2: Behind the Scenes of a Tailor-Made Massive Phishing Campaign Part 2

Executive Summary Last summer, we investigated a massive, global phishing campaign impersonating almost 350 legitimate companies. Our continued investigation into this expansive phishing campaign revealed leaked backend source code, shedding light on the infrastructure behind the operation. This...

Security Bulletin: A vulnerability in IBM WebSphere Application Server Liberty may affect may affect IBM Storage Protect for Virtual Environments: Data Protection for Hyper-V

Summary IBM Storage Protect for Virtual Environments: Data Protection for Hyper-V can be affected by a security flaw in IBM WebSphere Application Server Liberty. The flaw can lead to weaker than expected security for outbound TLS connections, as described in the "Vulnerability Details" section....

Security Bulletin: A vulnerability in IBM WebSphere Application Server Liberty may affect IBM Storage Protect for Virtual Environments: Data Protection for VMware

Summary IBM Storage Protect for Virtual Environments: Data Protection for VMware can be affected by a security flaw in IBM WebSphere Application Server Liberty. The flaw can lead to weaker than expected security for outbound TLS connections, as described in the "Vulnerability Details" section....

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty and libcurl may affect IBM Storage Protect Backup-Archive Client

Summary IBM Storage Protect Backup-Archive Client can be affected by security flaws in IBM WebSphere Application Server Liberty and libcurl. The flaws can lead to weaker than expected security for outbound TLS connections and bypass of security restrictions, as described in the "Vulnerability...

Security Bulletin: IBM Operator for Apache Flink is vulnerable to a denial of service attack due to the Apache Commons Compress component ( CVE-2024-25710,CVE-2024-26308).

Summary IBM Operator for Apache Flink is vulnerable to a denial of service attack due to the Apache Commons Compress component. Apache Flink uses Commons Compress for handling compressed files and formats, enabling efficient data processing and storage. Vulnerability Details ** CVEID:...

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.6.0 Vulnerability Details ** CVEID: CVE-2022-25857 DESCRIPTION: **Java package org.yaml:snakeyam is vulnerable to a denial of service, caused by missing to nested depth limitation for collections. By sending a...

Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties

In this post, I'll exploit CVE-2024-3833, an object corruption bug in v8, the Javascript engine of Chrome, that I reported in March 2024 as bug 331383939. A similar bug, 331358160, was also reported and was assigned CVE-2024-3832. Both of these bugs were fixed in version 124.0.6367.60/.61....

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to cross-site scripting (CVE-2024-35153)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to cross-site scripting in the administrative console. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to follow-redirects arbitrary phishing attack vulnerability ( CVE-2023-26159)

Summary Potential follow-redirects arbitrary phishing attack vulnerability ( CVE-2023-26159) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details ** CVEID:...

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to cross-site scripting (CVE-2024-35153)

Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to cross-site scripting in the administrative console. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected....

Security Bulletin: IBM Edge Application Manager 4.5.6 addresses the security vulnerabilities listed in the CVEs below.

Summary IBM Edge Application Manager 4.5.6 addresses the security vulnerabilities listed in the CVEs below. Vulnerability Details ** CVEID: CVE-2024-29018 DESCRIPTION: **moby could allow a remote attacker to obtain sensitive information, caused by incorrect resource transfer between spheres. By...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to unspecified vulnerability in Java SE ( CVE-2024-20952)

Summary Potential unspecified vulnerability in Java SE related to the VM component (CVE-2024-20952) has been identified that affects IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details ** CVEID:...

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities found in Node.js and IBM WebSphere Application Server Liberty

Summary There are multiple vulnerabilities in Node.js and IBM WebSphere Application Server Liberty used by IBM Cloud Transformation Advisor (CVE-2024-27983, CVE-2024-27980, CVE-2024-22329, CVE-2024-27982, CVE-2024-22354, CVE-2024-4068). Vulnerability Details ** CVEID: CVE-2024-27983 DESCRIPTION:...

Security Bulletin: IBM Cloud Pak for Network Automation 2.7.4 addresses multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation 2.7.4 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details ** CVEID: CVE-2022-48554 DESCRIPTION: **File is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the file_copystr...

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to a denial of service due to a module used in node

Summary There is a vulnerability in IBM WebSphere Application Server Liberty used by IBM Cloud Transformation Advisor (IBM X-Force ID: 294242). Vulnerability Details ** IBM X-Force ID: 294242 DESCRIPTION: **Node.js Axios module is vulnerable to a denial of service, caused by a prototype pollution.....

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to weaker than expected security for outbound TLS connections due to WebSphere Application Server Liberty

Summary There is a vulnerability in IBM WebSphere Application Server Liberty used by IBM Cloud Transformation Advisor (CVE-2023-50312). Vulnerability Details ** CVEID: CVE-2023-50312 DESCRIPTION: **IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 could provide weaker than...

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to conduction of phishing attacks due to a web framework used in node

Summary There is a vulnerability in IBM WebSphere Application Server Liberty used by IBM Cloud Transformation Advisor (CVE-2024-29041). Vulnerability Details ** CVEID: CVE-2024-29041 DESCRIPTION: **Express.js Express could allow a remote attacker to conduct phishing attacks, caused by an open...

Security Bulletin: The IBM® Engineering Lifecycle Management is impacted by vulnerabilties in Apache Velocity

Summary A vulnerability has been identified in Apache Velocity, which is used in IBM Engineering Lifecycle Management - IBM Jazz. This bulletin contains information regarding vulnerabilities and remediation actions. Vulnerability Details ** CVEID: CVE-2020-13936 DESCRIPTION: **Apache Velocity...

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities listed herein. Vulnerability Details ** CVEID: CVE-2023-49569 DESCRIPTION: **go-git could allow a remote attacker to traverse directories on the system. By sending a specially crafted request using the...

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2024-37532)

Summary WebSphere Application Server is shipped with IBM Tivoli System Automation Application Manager. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletin(s) listed in the.....

Security Bulletin: Storage Virtualize Ansible Collection is affected by a vulnerability in the Python Cryptographic Authority package

Summary The Python cryptography package which provides both high level recipes and low level interfaces to common cryptographic algorithms such as symmetric ciphers, message digests, and key derivation functions, is used by IBM Ansible plug-in. This library is vulnerable to CVE-2024-26130....

CVE-2024-28973

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a Stored Cross-Site Scripting Vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted...

CVE-2024-28973

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a Stored Cross-Site Scripting Vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted...