Security Bulletin: IBM Sterling Control Center vulnerable to arbitrary file upload and sensitive information exposure due to IBM Cognos Analytics (CVE-2021-38945, CVE-2021-29768)

Summary IBM Cognos Analytics is shipped with IBM Sterling Control Center. To address multiple vulnerabilities, IBM Sterling Control Center now includes IBM Cognos Analytics 11.1.7.5. Vulnerability Details CVEID:CVE-2021-38945 DESCRIPTION: IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 could allo...

Fuji Electric Monitouch V-SFT 缓冲区错误漏洞

Fuji Electric Monitouch V-SFT is a screen configuration software from Fuji Electric Japan. A buffer error vulnerability exists in Fuji Electric Monitouch V-SFT version 6.1.3.0 that originates from a boundary condition. A remote attacker could exploit the vulnerability to access potentially...

Security Bulletin: Linux Kernel vulnerability may affect IBM Elastic Storage System (CVE-2021-4083)

Summary There are security vulnerabilities in versions of Linux Kernel that are shipped with versions of IBM Elastic Storage System. A fix for these vulnerabilities is available. Vulnerability Details CVEID: CVE-2021-4083 DESCRIPTION: Linux Kernel could allow a local attacker to gain elevated...

Security Bulletin: A vulnerability in Java SE affects IBM Control Center (CVE-2021-35578)

Summary A maliciously crafted TLS 1.3 ClientHello packet can trigger a NullPointerException and an SSLException instead ofbeing rejected gracefully. The fix ensures that the invalid data is rejected gracefully. Vulnerability Details CVEID: CVE-2021-35578 DESCRIPTION: An unspecified vulnerability ...

Security Bulletin: Apache Log4j Vulnerability Affects IBM Sterling Control Center (CVE-2021-44228)

Summary Apache Log4j is used by IBM Sterling Control Center. This bulletin provides fixes for the reported CVE-2021-44228 and work around mitigation. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused...

Security Bulletin: Apache Commons Codec Vulnerability Affects IBM Control Center

Summary Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper validation of input. Vulnerability Details Third Party Entry: 177835 DESCRIPTION: Apache Commons Codec information disclosure CVSS Base score: 7.5 CVSS Temporal Score: See:...

Unspecified Vulnerability in Oracle Supply Chain Products Suite Agile Engineering Data Management Component

Oracle Supply Chain Products Suite is a suite of supply chain solutions from Oracle that provides value chain planning, value chain execution, product lifecycle management, etc. Oracle Agile Engineering Data Management is one of the Data Management component. A remote security vulnerability exist...

CVE-2016-0498

Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.2.2, 6.1.3.0, and 6.2.0.0 allows local users to affect confidentiality via unknown vectors related to Install...

CVE-2015-0490

Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to BAS - Base Component...