Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/09/28 3:14 a.m.65 views

Security Bulletin: Due to use of Apache Pulsar, IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library is vulnerable to a security restrictions bypass.

Summary Pulsar is used by IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library. CVE-2023-30428, CVE-2023-30429, CVE-2023-37579 and CVE-2023-31007 The below vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-30428 DESCRIPTION: Apache Pulsar could allow a...

9.6CVSS6.9AI score0.00733EPSS
Exploits0Affected Software2
Circl
Circl
added 2023/07/12 2:45 p.m.5 views

CVE-2023-37579

creationtimestamp| type| source ---|---|--- 2023-07-12 14:45:30+00:00| seen| https://t.me/cibsecurity/66527...

8.2CVSS7.1AI score0.0058EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2023/07/12 12:31 p.m.7 views

com.clever-cloud:biscuit-pulsar (=3.2.1), com.github.shoothzj:test-pulsar (>=3.1.12 <=3.1.15) +10 more potentially affected by CVE-2023-37579 via org.apache.pulsar:pulsar-functions-worker (>=2.0.0-rc1-incubating <=2.10.3)

org.apache.pulsar:pulsar-functions-worker MAVEN version =2.0.0-rc1-incubating, =3.1.12, =0.0.1, =2.0.0-rc1-incubating, =2.0.0-rc1-incubating, =2.0.0-rc1-incubating, =2.10.0, =2.0.0-rc1-incubating, =2.0.0-rc1-incubating, =2.10.0, =2.0.0-rc1-incubating, =1.0.0, =1.1.0 Source cves: CVE-2023-37579...

8.2CVSS6.9AI score0.0058EPSS
Exploits0
OSV
OSV
added 2023/07/12 10:15 a.m.21 views

CVE-2023-37579

Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Function Worker. This issue affects Apache Pulsar: before 2.10.4, and 2.11.0. Any authenticated user can retrieve a source's configuration or a sink's configuration without authorization. Many sources and sinks...

6.5CVSS6.9AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/07/12 9:5 a.m.15 views

CVE-2023-37579 Apache Pulsar Function Worker: Incorrect Authorization for Function Worker Can Leak Sink/Source Credentials

Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Function Worker. This issue affects Apache Pulsar: before 2.10.4, and 2.11.0. Any authenticated user can retrieve a source's configuration or a sink's configuration without authorization. Many sources and sinks...

8.2CVSS8.1AI score0.0058EPSS
Exploits0References1
CVE
CVE
added 2023/07/12 9:5 a.m.59 views

CVE-2023-37579

This CVE affects Apache Pulsar Function Worker. An incorrect authorization flaw allows any authenticated user to retrieve a source or sink configuration, potentially exposing credentials stored in those configurations. Affected products/versions: Pulsar Function Worker before 2.10.4 and before 2....

8.2CVSS7AI score0.0058EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder