IBM Storage Scale 安全漏洞

IBM Storage Scale is a storage solution from International Business Machines IBM designed to help organizations efficiently manage and scale storage resources to meet growing data storage needs. A security vulnerability exists in IBM Storage Scale versions 5.1.9.0 through 5.1.9.6 and 5.2.0.0...

PT-2024-24270 · Ibm · Ibm Storage Scale Gui

Name of the Vulnerable Software and Affected Versions: IBM Storage Scale GUI versions 5.1.9.0 through 5.1.9.6 IBM Storage Scale GUI versions 5.2.0.0 through 5.2.1.1 Description: A local privilege escalation issue exists, allowing a malicious actor with command line access to the scalemgmt user to...

CVE-2024-0156

Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation...

CVE-2024-0155

Dell Digital Delivery, versions prior to 5.2.0.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to application crash or execution of arbitrary code...

PT-2024-15361 · Dell · Dell Digital Delivery

Name of the Vulnerable Software and Affected Versions: Dell Digital Delivery versions prior to 5.2.0.0 Description: The issue is a Use After Free Vulnerability that could be exploited by a local low privileged attacker, potentially leading to application crash or execution of arbitrary code...

Dell iDRAC9 Security Vulnerability

The Dell iDRAC9 is a Dell offering that provides comprehensive, embedded management, and automation capabilities across the PowerEdge family of servers. A controller. A security vulnerability exists in Dell iDRAC Service Module 5.2.0.0 and prior versions, which originates from a vulnerability tha...

PT-2024-19416 · Dell · Idrac Service Module

Name of the Vulnerable Software and Affected Versions: Dell iDRAC Service Module versions 5.2.0.0 and prior Description: The issue is related to Incorrect Default Permissions, which may allow a local unprivileged user to escalate privileges and execute arbitrary code on the affected system...

Security Bulletin: Cross-Site Scripting Vulnerability Affects the Dashboard User Interface of IBM Sterling B2B Integrator (CVE-2021-20553)

Summary IBM Sterling B2B Integrator has addressed the security vulnerability. Vulnerability Details CVEID: CVE-2021-20553 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web ...

Security Bulletin: Apache WSS4J Vulnerabilities Affect IBM Sterling B2B Integrator

Summary IBM Sterling B2B Integrator has addressed the security vulnerablities from WSS4J. Vulnerability Details CVEID: CVE-2015-0227 DESCRIPTION: Apache WSS4J could allow a remote attacker to bypass security restrictions, caused by the failure to properly enforce the...

Information disclosure

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authneticated attacker to obtain sensitive information from configuration files that could aid in further attacks against the system. IBM X-Force ID: 200656...

IBM Sterling B2B Integrator 安全漏洞

IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with different partner communities. IBM Sterling B2B Integrator Standard Edition versions 5.2.0...

IBM Sterling B2B Integrator 安全漏洞

IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with different partner communities. IBM Sterling B2B Integrator Standard Edition prior to...

CVE-2019-4728

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.52, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By sending specially crafted request, an attacker could exploit this...

CVE-2020-4937

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 191814...

CVE-2020-4700

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user belonging to a specific user group to create a user or group with administrative privileges. IBM X-Force ID: 187077...

Security Bulletin: SQL Injection Vulnerability Affects EBICS in IBM Sterling B2B Integrator (CVE-2020-4655)

Summary IBM Sterling B2B Integrator has addressed the SQL injection vulnerability in EBICS. Vulnerability Details CVEID: CVE-2020-4655 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which cou...

Security Bulletin: Cross-Site Scripting Security Vulnerability Affects IBM Sterling B2B Integrator Standard Edition ( CVE-2020-4564)

Summary IBM Sterling B2B Integrator Standard Edition has addressed XSS security vulnerability. Vulnerability Details CVEID: CVE-2020-4564 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition and IBM Sterling File Gateway are vulnerable to cross-site scripting. This vulnerability allows users...

Security Bulletin: Information Disclosure Security Vulnerability Exists in IBM Sterling B2B Integrator (CVE-2020-4312)

Summary IBM Sterling B2B Integrator has addressed the information disclousure security vulnerability Vulnerability Details CVEID: CVE-2020-4312 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition could allow an authenticated user to obtain sensitive information from a cached web page. CVSS...

Security Bulletin: Cross-Site Scripting Vulnerability Affects IBM Sterling B2B Integrator Dashboard User Interface (CVE-2019-4596)

Summary IBM Sterling B2B Integrator has addressed the Cross-Site Scripting vulnerability. Vulnerability Details CVEID: CVE-2019-4596 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code ...

CVE-2020-4299

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 could expose sensitive information to a user through a specially crafted HTTP request. IBM X-Force ID: 176606...