454 matches found
Security Bulletin: IBM Edge Application Manager is vulnerable to an authorization bypass.
Summary IBM Edge Application Manager is vulnerable to an authorization bypass CVE-2024-45337. Vulnerability Details CVEID:CVE-2024-45337 DESCRIPTION: Applications and libraries which misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. The documentatio...
Vulnerabilities fixed in Ivanti Connect Secure and Policy Secure
Ivanti has fixed vulnerabilities in Ivanti Connect Secure Specific for versions prior to 22.7R2.4 and Policy Secure Specific for versions prior to 22.7R1.2. The vulnerabilities are in the Secure Application Manager component and the IPSEC component of Ivanti Connect Secure and Policy Secure and d...
CVE-2024-9844
Insufficient server-side controls in Secure Application Manager of Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated attacker to bypass restrictions...
CVE-2024-9844
Insufficient server-side controls in Secure Application Manager of Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated attacker to bypass restrictions...
PT-2024-39882 · Ivanti · Ivanti Connect Secure
Name of the Vulnerable Software and Affected Versions: Ivanti Connect Secure versions prior to 22.7R2.4 Description: The issue is related to insufficient server-side controls in the Secure Application Manager of Ivanti Connect Secure. This allows a remote authenticated attacker to bypass...
Ivanti Connect Secure 安全漏洞
Ivanti Connect Secure is a secure remote network connection tool from Ivanti Corporation, USA. A security vulnerability exists in Ivanti Connect Secure versions prior to 22.7R2.4 that stems from insufficient server-side controls in Secure Application Manager. An attacker can exploit the...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2024-45071)
Summary IBM WebSphere Application Server is used by IBM Tivoli System Automation Application Manager and is vulnerable to cross-site scripting in the Admin Console. Required fixes for affected WebSphere Application Server has been published in the security bulletin links below. Vulnerability...
Security Bulletin: IBM WebSphere Application Server traditional shipped with IBM Tivoli System Automation Application Manager is vulnerable to an XML External Entity Injection (XXE) vulnerability
Summary A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager CVE-2024-45072 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affect...
Security Bulletin: IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager is vulnerable to a denial of service
Summary A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application ManagerCVE-2024-45085 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affecte...
Security Bulletin: IBM Edge Application Manager 4.5.8 addresses the security vulnerabilities listed in the CVEs below.
Summary IBM Edge Application Manager 4.5.8 addresses the security vulnerabilities listed in the CVEs below. Vulnerability Details CVEID:CVE-2024-43799 DESCRIPTION: pillarjs send is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could...
Security Bulletin: IBM Edge Application Manager 4.5.8 addresses the security vulnerabilities listed in the CVEs below.
Summary IBM Edge Application Manager 4.5.8 addresses the security vulnerabilities listed in the CVEs below. Vulnerability Details CVEID:CVE-2024-39338 DESCRIPTION: Axios is vulnerable to server-side request forgery, caused by a flaw with requests for path relative URLs get processed as protocol...
Security Bulletin: A vulnerability in SQLite affects IBM Tivoli Composite Application Manager for Transactions (Response Time)
Summary SQLite SQLite3 is used by IBM Tivoli Composite Application Manager for Transactions Response Time Vulnerability Details CVEID:CVE-2023-7104 DESCRIPTION: SQLite SQLite3 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the sessionReadRecord function in...
Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2019-4505)
Summary WebSphere Application Server is shipped with IBM Tivoli System Automation Application Manager. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...
Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics Installed IBM WebSphere Application Server is vulnerable to remote code execution
Summary The security issue described in CVE-2024-35154 has been identified in the WebSphere Application Server traditional included as part of IBM Tivoli Composite Application Manager for Application Diagnostics Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...
Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2024-35154)
Summary WebSphere Application Server is shipped with IBM Tivoli System Automation Application Manager. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...
Security Bulletin: IBM Edge Application Manager 4.5.6 addresses the security vulnerabilities listed in the CVEs below.
Summary IBM Edge Application Manager 4.5.6 addresses the security vulnerabilities listed in the CVEs below. Vulnerability Details CVEID:CVE-2024-29018 DESCRIPTION: moby could allow a remote attacker to obtain sensitive information, caused by incorrect resource transfer between spheres. By sending...
Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2024-37532)
Summary WebSphere Application Server is shipped with IBM Tivoli System Automation Application Manager. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...
Security Bulletin: WebSphere Application Server traditional could provide weaker than expected security for outbound SSL connections (CVE-2023-50313 )
Summary WebSphere Application Server is shipped with IBM Tivoli System Automation Application Manager. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...
Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed IBM WebSphere Application Server is vulnerable to a denial of service (CVE-2024-25026).
Summary The security issue described in CVE-2024-25026 has been identified in the WebSphere Application Server included as part of IBM Tivoli Composite Application Manager for Application Diagnostics. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
Security Bulletin: WebSphere Application Server traditional is vulnerable to a server-side request forgery (SSRF) vulnerability (CVE-2024-22329)
Summary A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager CVE-2024-22329 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affect...