Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Operations Analytics Predictive Insights (CVE-2017-1743)

Summary WebSphere Application Server is shipped as a component of IBM Operations Analytics Predictive Insights. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Application Server shipped with IBM Tivoli Network Performance Manager Wireless Platform (CVE-2014-3566 and CVE-2014-6457)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server as a component of IBM Tivoli Network Performance Manager Wireless Platform . This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE...

CVE-2012-0736

IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not properly create scan jobs, which allows remote attackers to execute arbitrary code via a crafted web site...

CVE-2012-0734

IBM Rational AppScan Enterprise 5.x and 8.x prior to 8.5.0.1 are affected by an issue where jobs import is not handled correctly, allowing a man-in-the-middle to obtain sensitive information or cause unspecified impact via a crafted job. The vulnerability is described in CVE-2012-0734 with a CVSS...

CVE-2012-0731

CVE-2012-0731 affects IBM Rational AppScan Enterprise 5.x and 8.x prior to 8.5.0.1. The root cause is failure to prevent service-account impersonation, which could allow remote authenticated users to read arbitrary files through unspecified vectors. The known impact is read access to arbitrary fi...

CVE-2012-0735

IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 are affected by CVE-2012-0735 due to improper scanning of file: URLs, which can allow a man-in-the-middle to obtain sensitive information via a crafted URI. The impact is information disclosure and potential unspecified additional impact....

CVE-2011-3124

IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataStage 8.5 and 8.5.0.1 and other products, assigns incorrect ownership to unspecified files, which allows local users to gain privileges via unknown vectors...

CVE-2011-3124

IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataStage 8.5 and 8.5.0.1 and other products, assigns incorrect ownership to unspecified files, which allows local users to gain privileges via unknown vectors...