OPENSUSE-SU-2024:10326-1 ansible-2.2.0.0-1.1 on GA media

These are all security issues fixed in the ansible-2.2.0.0-1.1 package on the GA media of openSUSE Tumbleweed...

IBM Storage Copy Data Management 加密问题漏洞

IBM Storage Copy Data Management is a data storage system from International Business Machines IBM. A security vulnerability exists in IBM Storage Copy Data Management versions 2.2.0.0 through 2.2.19.0 that stems from the use of an insufficiently strong encryption algorithm...

PT-2023-26578 · Ibm · Ibm Storage Copy Data Management

Name of the Vulnerable Software and Affected Versions: IBM Storage Copy Data Management versions 2.2.0.0 through 2.2.19.0 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information...

Security Bulletin: Vulnerabilities in OpenSSL might affect IBM Spectrum Copy Data Management (CVE-2022-4450, CVE-2023-0216, CVE-2023-0401, CVE-2022-4203, CVE-2023-0217)

Summary IBM Spectrum Copy Data Management can be affected by vulnerabilities in OpenSSL. Vulnerabilities include denial of service attack, in which a remote attacker could exploit this vulnerability to cause the application to crash, as described by the CVEs in the "Vulnerability Details" section...

GHSA-F4QR-F4XX-HJXW OpenSearch vulnerable to Improper Authorization of Index Containing Sensitive Information

Impact Requests to an OpenSearch cluster configured with advanced access control features document level security DLS, field level security FLS, and/or field masking will not be filtered when the query's search pattern matches an aliased index. OpenSearch Dashboards creates an alias to .kibana by...

IBM Spectrum Copy Data Management反向钓鱼攻击漏洞

IBM Spectrum Copy Data Management, an IBM company that modernizes, streamlines and automates data center copy management processes, is vulnerable to a phishing attack in IBM Spectrum Copy Data Management versions 2.2.0.0 through 2.2.15.0. The vulnerability stems from allowing pages linked to from...

IBM Spectrum Copy Data Management跨站请求伪造漏洞

IBM Spectrum Copy Data Management, an IBM company that modernizes, simplifies and automates data center copy management processes, is vulnerable to cross-site request forgery in IBM Spectrum Copy Data Management versions 2.2.0.0 through 2.2.15.0. An attacker could exploit the vulnerability to...

CVE-2022-31769

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 could allow a remote attacker to view product configuration information stored in PostgreSQL, which could be used in further attacks against the system. IBM X-Force ID: 228219...

Cross site request forgery (csrf)

IBM Spectrum Copy Data Management 2.2.0.0through 2.2.15.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 225887...

PT-2022-20916 · Ibm · Ibm Spectrum Copy Data Management

Name of the Vulnerable Software and Affected Versions: IBM Spectrum Copy Data Management versions 2.2.0.0 through 2.2.15.0 Description: The issue allows a remote attacker to view product configuration information stored in PostgreSQL, which could be used in further attacks against the system...

IBM Spectrum Copy Data Management 安全漏洞

IBM Spectrum Copy Data Management, an IBM company that modernizes, streamlines and automates data center copy management processes, is vulnerable to a phishing attack in IBM Spectrum Copy Data Management versions 2.2.0.0 through 2.2.15.0. The vulnerability stems from allowing pages linked to from...

CVE-2022-22479

IBM Spectrum Copy Data Management 2.2.0.0through 2.2.15.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 225887...

CVE-2022-30610

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to reverse tabnabbing where it could allow a page linked to from within IBM Spectrum Copy Data Management to rewrite it. An administrator could enter a link to a malicious URL that another administrator could then click. Onc...

Security Bulletin: IBM Spectrum Copy Data Management is vulnerable to Slowloris, HTTP header injection, XSS, and CSRF (CVE-2022-22354, CVE-2022-22344, CVE-2021-39055, CVE-2021-39051)

Summary IBM Spectrum Copy Data Management is vulnerable to Slowloris HTTP denial of service, HTTP header injection, cross-site scripting XSS, and server-side request forgery CSRF attacks. Vulnerability Details CVEID: CVE-2022-22354 DESCRIPTION: IBM Spectrum Protect Plus and IBM Spectrum Copy Data...

IBM Sterling File Gateway Denial of Service Vulnerability

IBM Sterling File Gateway is an application for transferring files between internal and external partners, allowing you to more securely and reliably transfer files with trading partners. IBM Sterling File Gateway versions 2.2.0.0-5.2.6.53, 6.0.0.0- 6.0.0.6, 6.0 .1.0-6.0.3.4, and 6.1.0.0-6.1.0.1...

IBM Sterling File Gateway Information Disclosure Vulnerability (CNVD-2021-78441)

IBM Sterling File Gateway, an application for transferring files between internal and external partners, allows you to more securely and reliably transfer files with trading partners. an information disclosure vulnerability exists in IBM Sterling File Gateway version 2.2.0.0-6.1.1.0. The...

CVE-2021-20561

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...

Improper access control

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to intercept and replace a message sent by another user due to improper access controls. IBM X-Force ID: 195567...

IBM Sterling File Gateway 安全漏洞

IBM Sterling File Gateway, an application for transferring files between internal and external partners, allows you to more securely and reliably transfer files with trading partners. an information disclosure vulnerability exists in IBM Sterling File Gateway version 2.2.0.0-6.1.1.0. The...

Security Bulletin: Session Fixation Vulnerability Affects BM Sterling File Gateway (CVE-2021-20473)

Summary IBM Sterling File Gateway has addressed the security vulnerability. Vulnerability Details CVEID: CVE-2021-20473 DESCRIPTION: IBM Sterling File Gateway User Interface does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system...