CVE-2022-43770

Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.4 and 8.3.0.27 does not correctly perform an authorization check in the dashboard editor plugin API...

Security Bulletin: IBM MQ is vulnerable to multiple Jetty vulnerabilities (CVE-2021-34428, CVE-2021-34429, CVE-2021-28169)

Summary Multiple issues were identified in Eclipse Jetty that IBM MQ Explorer uses and is affected by. Vulnerability Details CVEID: CVE-2021-34428 DESCRIPTION: Eclipse Jetty could allow a physical attacker to bypass security restrictions, caused by a session ID is not invalidated flaw when an...

Security Bulletin: IBM MQ Appliance is affected by a disclosure of sensitive information vulnerability (CVE-2021-39000)

Summary IBM MQ Appliance has resolved a disclosure of sensitive information vulnerability. Vulnerability Details CVEID: CVE-2021-39000 DESCRIPTION: IBM MQ could allow a local attacker to obtain sensitive information by inclusion of sensitive data within diagnostics. CVSS Base score: 5.9 CVSS...

Security Bulletin: IBM MQ Appliance is affected by a sensitive information disclosure vulnerability (CVE-2021-38999)

Summary IBM MQ Appliance has resolved a sensitive information disclosure vulnerability. Vulnerability Details CVEID: CVE-2021-38999 DESCRIPTION: IBM MQ Appliance could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace. CVSS Base score: 5.1 CVSS...