Lucene search
K

71 matches found

CNVD
CNVD
added 2019/01/15 12:0 a.m.3 views

IBM SPSS Analytic Server Cross-Site Scripting Vulnerability

IBM SPSS Analytic Server is a suite of IBM engines for predictive analytics of big data from IBM in the United States, which generates predictions and recommendations in big data to achieve optimal performance on a wide range of large amounts of data. A cross-site scripting vulnerability exists i...

5.4CVSS6.3AI score0.00968EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/13 5:40 p.m.16 views

Security Bulletin: IBM® SPSS Analytic Server is vulnerable to Cross-Site Scripting (CVE-2018-1772)

Summary IBM SPSS Analytic Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Vulnerability Details CVEID:...

5.4CVSS1.4AI score0.00968EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/12/10 3:35 p.m.34 views

Security Bulletin: Potential MITM attack in Apache CXF used by IBM® WebSphere™ Application Server Liberty affects IBM® SPSS Analytic Server (CVE-2018-8039)

Summary There is a potential man-in-the-middle attack in Apache CXF used by IBM WebSphere Application Server Liberty that affects SPSS Analytic Server. Vulnerability Details CVEID: CVE-2018-8039 DESCRIPTION: Apache CXF could allow a remote attacker to conduct a man-in-the-middle attack. The TLS...

8.1CVSS0.8AI score0.10348EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/29 12:24 p.m.24 views

Security Bulletin: Vulnerability in IBM® Java SDK affects IBM SPSS Analytic Server (CVE-2018-2602, CVE-2018-2634)

Summary An unspecified vulnerability in multiple Oracle products could allow an unauthenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors, and could cause low confidentiality impact, low integrity impact, and low availability...

6.8CVSS1.6AI score0.04532EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 2:19 p.m.21 views

Security Bulletin: Security vulnerability in Apache Commons FileUpload used by WebSphere Application Server affects IBM SPSS Analytic Server (CVE-2016-1000031)

Summary The Apache Commons FileUpload that is used by IBM® WebSphere™ Application Server affects IBM SPSS Analytic Server. The potential threat could allow a remote attacker to execute arbitrary code on the system. The fix for this issue requires an update to the Websphere application server...

9.8CVSS1.3AI score0.34731EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 2:18 p.m.24 views

Security Bulletin: Vulnerability in IBM® Java SDK affects IBM SPSS Analytic Server (CVE-2017-10356, CVE-2017-10388)

Summary An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded Libraries component could allow an unauthenticated attacker to take control of the system. Vulnerability Details CVEID: CVE-2017-10356 DESCRIPTION: An unspecified vulnerability in Oracle Java SE relate...

7.5CVSS1.1AI score0.03206EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:48 p.m.73 views

Security Bulletin: zlib vulnerability may affect IBM® SDK, Java™ Technology Edition

Summary zlib is vulnerable to a denial of service, caused by an out-of-bounds pointer arithmetic in inftrees.c. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to cause a denial of service. Vulnerability Details CVE IDs: CVE-2016-984...

9.8CVSS2.1AI score0.07489EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:45 p.m.25 views

Security Bulletin: Vulnerability in IBM® WebSphere™ Application Server Liberty affects IBM SPSS Analytic Server (CVE-2016-0378)

Summary IBM® WebSphere™ Application Server Liberty could allow a remote attacker to obtain sensitive information caused by improper handling of exceptions when a default error page does not exist. Vulnerability Details CVEID: CVE-2016-0378 DESCRIPTION: IBM WebSphere Application Server Liberty cou...

4.3CVSS0.7AI score0.01653EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:44 p.m.22 views

Security Bulletin: Vulnerability in the IBM WebSphere Application Server that is bundled with IBM SPSS Analytic Server (CVE-2016-5983)

Summary The IBM® WebSphere™ Application Server is shipped with IBM SPSS Analytic Server. Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletin listed in the...

0.7AI score0.04116EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:40 p.m.37 views

Security Bulletin: An unspecified JMX component vulnerability affects IBM SPSS Analytic Server (CVE-2016-3427)

Summary The IBM® Runtime Environment Java™ Technology Edition, Version 1.7, that is used by IBM SPSS Analytic Server, contains an unspecified vulnerability related to the JMX component. The vulnerability allows remote attackers to affect confidentiality, integrity, and availability via vectors...

10CVSS6.8AI score0.92334EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:38 p.m.20 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM SPSS Analytic Server (CVE-2015-4872, CVE-2015-4734 , CVE-2015-5006, CVE-2015-7575)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 1.6 and 1.7 that is used by IBM SPSS Analytic Server. These issues were disclosed as part of the IBM Java SDK updates in October 2015 and includes the vulnerability commonly referred to as...

5.9CVSS0.9AI score0.04695EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:37 p.m.11 views

Security Bulletin: Multiple vulnerabilities in bundled components affects IBM SPSS Analytic Server (CVE-2015-7450).

Summary An Apache Commons Collections vulnerability in handling Java object deserialization was addressed by IBM SPSS Analytic Server. An updated IBM WebSphere Liberty run time is shipped to address a security vulnerability in IBM SPSS Analytic Server. Vulnerability Details CVEID: CVE-2015-7450...

10CVSS7.7AI score0.97655EPSS
Exploits10Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:14 p.m.28 views

Security Bulletin: DH key exchange protocol vulnerability (“Logjam”) in IBM Java SDK affects IBM SPSS Analytic Server (CVE-2015-4000)

Summary Vulnerabilities in SSL/TLS protocol during key exchange phase using Diffie-Hellman DH ciphersuite, “Logjam” attack, affects IBM Java SDK 1.6, 1.7 that is used by IBM SPSS Analytic Server. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacke...

4.3CVSS6AI score0.9986EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:14 p.m.14 views

Security Bulletin: Password displayed in plaintext in logs (CVE-2014-0920)

Summary IBM SPSS Analytic Server jobs produce logs that contain a password in plaintext which authenticated users can view. Vulnerability Details CVEID: CVE-2014-0920 DESCRIPTION: IBM SPSS Analytic Server jobs produce logs that contain a password in plaintext which authenticated users can view...

4CVSS1AI score0.0162EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:14 p.m.10 views

Security Bulletin: Vulnerabilities in IBM SDK Java Technology Edition, Versions 1.6 and 1.7, affect IBM SPSS Analytic Server (CVE-2015-0138)

Summary The “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability affects IBM® SDK Java™ Technology Edition, Version 1.6 and 1.7, that is used by IBM SPSS Analytic Server. Vulnerability Details CVEID: CVE-2015-0138 DESCRIPTION : A vulnerability in various IBM SSL/TL...

4.3CVSS6.6AI score0.03239EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:14 p.m.32 views

Security Bulletin: Vulnerability in SSLv3 affects IBM SPSS Analytic Server (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM SPSS Analytic Server. Vulnerability Details CVE-ID : CVE-2014-3566 DESCRIPTION : Product could allow a remote attacker to obtain sensitive...

4.3CVSS6.3AI score0.99999EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 10:44 p.m.36 views

Security Bulletin: A security vulnerability has been identified in multiple products shipped with IBM Predictive Maintenance and Quality: CVE-2015-8126, CVE-2016-0494, CVE-2016-0483, CVE-2015-8472, CVE-2016-0475, CVE-2016-0466, CVE-2016-0402, CVE-2015-757

Summary IBM WebSphere Application Server, IBM DB2, IBM SPSS Modeler, IBM Cognos Business Intelligence Server, IBM SPSS Collaboration and Deployment Services,IBM Integration Bus, IBM ILOG CPLEX Optimization Studio, IBM SPSS Analytic Server and IBM SPSS Modeler are shipped as components of IBM...

10CVSS1.5AI score0.14714EPSS
Exploits1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.44 views

IBM Cognos tm1admsd.exe Overflow Vulnerability

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/04/15 12:0 a.m.39 views

IBM SPSS Analytic Server信任管理漏洞

CVE ID:CVE-2014-0920 IBM SPSS Analytic Server是美国IBM公司的一套用于大数据预测性分析的IBM引擎,它可在大数据中产生预测和建议,从而实现各种大量数据的最优性能。 IBM SPSS Analytic Server存在安全漏洞,该由于程序以明文方式记录密码,远程攻击者可利用该漏洞获取敏感信息。 0 IBM SPSS Analytic Server 1.0.0.0 IBM SPSS Analytic Server 1.0.1.0 目前厂商已经发布了升级补丁以修复漏洞,请下载使用:...

4CVSS6.6AI score0.0162EPSS
Exploits1
NVD
NVD
added 2014/04/10 11:55 p.m.18 views

CVE-2014-0920

IBM SPSS Analytic Server 1.0 before IF002 and 1.0.1 before IF004 logs cleartext passwords, which allows remote authenticated users to obtain sensitive information via unspecified vectors...

4CVSS5.6AI score0.0162EPSS
Exploits1References3
Rows per page
Query Builder