Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Network Manager IP Edition (CVE-2021-44790, CVE-2021-44224)

Summary IBM WebSphere Application Server is a required product for IBM Tivoli Network Manager versions 4.2 To 4.2.0.14. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...

CVE-2019-14336

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated dump of all of the config files through a certain admin.cgi?action= insecure HTTP request...

CVE-2019-14338

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is a post-authentication admin.cgi?action= XSS vulnerability on the management interface...

CVE-2019-14332

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is use of weak ciphers for SSH such as diffie-hellman-group1-sha1...

Design/Logic Flaw

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is a post-authentication admin.cgi?action= XSS vulnerability on the management interface...

CVE-2019-14336

CVE-2019-14336 affects D-Link 6600-AP and DWL-3600AP with firmware 4.2.0.14 Ax. The vulnerability enables post-authenticated dump of all configuration files via an insecure HTTP request to admin.cgi, leading to information disclosure. Multiple connected sources corroborate an authenticated access...

CVE-2019-14332

CVE-2019-14332 affects D-Link 6600-AP and DWL-3600AP (Ax 4.2.0.14). The issue is the use of weak SSH ciphers (e.g., diffie-hellman-group1-sha1) in affected firmware. Evidence in multiple sources confirms the vulnerability details and affected devices; some sources also reference related SSH brute...