Lucene search
K

12 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 10:53 p.m.50 views

Security Bulletin: Vulnerabilities in JAR files affect Transparent Cloud Tiering in IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in multiple JAR files affect Transparent Cloud Tiering in IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products. The vulnerabilities are not thought to be exploitable but IBM recommends upgrade for users of Transparent Cloud Tiering...

9.8CVSS9.8AI score0.45205EPSS
Exploits8Affected Software10
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/21 7:33 p.m.50 views

Security Bulletin: AWS SDK for Java as used by IBM QRadar SIEM is vulnerable to path traversal (CVE-2022-31159)

Summary AWS SDK for Java as used by IBM QRadar SIEM is vulnerable to path traversal. IBM QRadar SIEM has addressed the applicable vulnerability. Vulnerability Details CVEID:CVE-2022-31159 DESCRIPTION: AWS SDK for Java could allow a remote authenticated attacker to traverse directories on the...

7.9CVSS6.7AI score0.01193EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/20 4:23 p.m.26 views

Security Bulletin: IBM Storage Protect server is vulnerable to a file system access attack due to AWS SDK for Java (CVE-2022-31159)

Summary The AWS SDK for Java is used by IBM Storage Protect server as part of its AWS cloud support. Vulnerability Details CVEID:CVE-2022-31159 DESCRIPTION: AWS SDK for Java could allow a remote authenticated attacker to traverse directories on the system, caused by a flaw in the downloadDirector...

7.9CVSS6.7AI score0.01193EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/19 9:18 p.m.37 views

Security Bulletin: IBM Security Guardium is affected by an AWS SDK vulnerability (CVE-2022-31159)

Summary IBM Security Guardium has fixed this vulnerability. Instructions for obtaining the fix are below. Vulnerability Details CVEID:CVE-2022-31159 DESCRIPTION: AWS SDK for Java could allow a remote authenticated attacker to traverse directories on the system, caused by a flaw in the...

7.9CVSS6.8AI score0.01193EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/09 7:33 p.m.67 views

Security Bulletin: IBM Sterling B2B Integrator vulnerable to directory traversal due to AWS SDK for Java (CVE-2022-31159)

Summary IBM Sterling B2B Integrator has addressed the security vulnerability in AWS SDK for Java shipped with the product. Vulnerability Details CVEID:CVE-2022-31159 DESCRIPTION: AWS SDK for Java could allow a remote authenticated attacker to traverse directories on the system, caused by a flaw i...

7.9CVSS6.7AI score0.01193EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/01 9:58 p.m.30 views

Security Bulletin: Vulnerability in AWS SDK for Java affects IBM Process Mining . CVE-2022-31159

Summary There is a vulnerability in AWS SDK for Java that could allow a directory traversal . The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2022-31159 DESCRIPTION: AWS SDK for Java could...

7.9CVSS6.8AI score0.01193EPSS
Exploits1Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/07/21 4:15 a.m.4 views

CVE-2022-31171

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-31159. Reason: This candidate is a reservation duplicate of CVE-2022-31159. Notes: All CVE users should reference CVE-2022-31159 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

7.9CVSS6.8AI score0.01193EPSS
Exploits1References1
Prion
Prion
added 2022/07/21 4:15 a.m.23 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-31159. Reason: This candidate is a reservation duplicate of CVE-2022-31159. Notes: All CVE users should reference CVE-2022-31159 instead of this candidate. All references and descriptions in this candidate have been removed t...

6.4AI score0.01193EPSS
Exploits1
CVE
CVE
added 2022/07/20 9:55 p.m.71 views

CVE-2022-31171

CVE-2022-31159: Path traversal in AWS SDK for Java downloadDirectory in S3 TransferManager. IBM bulletins show multiple products affected (e.g., QRadar SIEM, Maximo Asset Management, Guardium, Disconnected Log Collector) and provide fix guidance. Remediation is upgrading to vendor-supplied fixed ...

6.9AI score
Exploits0
Circl
Circl
added 2022/07/15 10:20 p.m.9 views

CVE-2022-31159

creationtimestamp| type| source ---|---|--- 2022-07-15 22:20:31+00:00| seen| https://t.me/cibsecurity/46368 2025-08-20 21:02:35+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lwud7a7ym52m...

7.9CVSS6.6AI score0.01193EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/07/15 5:45 p.m.11 views

CVE-2022-31159 Partial Path Traversal in com.amazonaws:aws-java-sdk-s3

The AWS SDK for Java enables Java developers to work with Amazon Web Services. A partial-path traversal issue exists within the downloadDirectory method in the AWS S3 TransferManager component of the AWS SDK for Java v1 prior to version 1.12.261. Applications using the SDK control the...

7.9CVSS7.9AI score0.01193EPSS
Exploits1References1
CVE
CVE
added 2022/07/15 5:45 p.m.181 views

CVE-2022-31159

CVE-2022-31159 affects the AWS SDK for Java S3 TransferManager (v1) prior to 1.12.261. A validation flaw in downloadDirectory can let a caller include a UNIX .. sequence in an S3 object key, potentially allowing a remote attacker to download or write files outside the intended destination directo...

7.9CVSS6.6AI score0.01193EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder