Lucene search
K

27 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/05/29 11:55 a.m.16 views

Security Bulletin: IBM QRadar SIEM protocols are vulnerable to information exposure due to Apache Commons Net FTP client behavior (CVE-2021-37533)

Summary Apache Commons Net could allow an attacker to cause information exposure due to improper input validation in the FTP client component. Vulnerability Details CVEID:CVE-2021-37533 DESCRIPTION: Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default....

6.5CVSS6.2AI score0.01858EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.18 views

Linux Distros Unpatched Vulnerability : CVE-2021-37533

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a...

6.5CVSS6.4AI score0.01858EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.22 views

Oracle Siebel Server <= 23.5 (July 2023 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2023 CPU advisory. - Vulnerability in the Siebel CRM product of Oracle Siebel CRM component: EAI JSON-java. Supported versions that are affected are 23.5 and prior...

9.8CVSS6.5AI score0.52458EPSS
Exploits12References14
Tenable Nessus
Tenable Nessus
added 2024/07/16 12:0 a.m.28 views

RHEL 9 : log4j (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - apache-commons-net: FTP client trusts the host from PASV response by default CVE-2021-37533 - Those using...

7.5CVSS7.3AI score0.01858EPSS
Exploits4References6
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/10 4:9 p.m.18 views

Security Bulletin: IBM Integration Bus for z/OS is vulnerable to a remote attack due to Apache Commons Net (CVE-2032-37533)

Summary The IBM Integration Bus for z/OS toolkit is vulnerable to a remote attack due to Apache Commons Net. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2021-37533 DESCRIPTION: Apache Commons Net could allow a remote attacker to obtain...

6.5CVSS6.4AI score0.01858EPSS
Exploits0Affected Software1
NCSC
NCSC
added 2023/10/19 12:0 a.m.58 views

Vulnerabilities fixed in Oracle Communications Applications

Vulnerabilities have been fixed in Oracle Communications Applications products. A malicious party could exploit them to carry out attacks that can result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Access to sensitive data Acce...

9.8CVSS7.7AI score0.76768EPSS
Exploits41
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/04 10:44 a.m.50 views

Security Bulletin: There is a vulnerability in Apache Commons Net used by IBM Jazz Reporting Service (CVE-2021-37533)

Summary There is a vulnerability in Apache Commons Net used by IBM Jazz Reporting Service. Vulnerability Details CVEID:CVE-2021-37533 DESCRIPTION: Apache Commons Net could allow a remote attacker to obtain sensitive information, caused by an issue with the FTP client trusts the host from PASV...

6.5CVSS6.3AI score0.01858EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/05 1:32 p.m.49 views

Security Bulletin: Vulnerability found in commons-net-1.4.1.jar which is shipped with IBM® Intelligent Operations Center(CVE-2021-37533)

Summary Vulnerability have been identified in commons-net-1.4.1.jar which is shipped with IBM® Intelligent Operations Center. Information about this vulnerability affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...

6.5CVSS6.5AI score0.01858EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/30 11:8 a.m.29 views

Security Bulletin: Addressing the Security vulnerability CVE-2021-37533 found in commons-net-1.4.1.jar

Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following commons-net-1.4.1.jar vulnerability and updated commons-net-1.4.1.jar to version 3.9.0 Vulnerability Details CVEID:CVE-2021-37533 DESCRIPTION: Apache Commons Net could allow ...

6.5CVSS6.5AI score0.01858EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/07/19 12:0 a.m.60 views

Oracle Primavera Gateway (Jul 2023 CPU)

The versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2023 CPU advisory. - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: Admin Apache Commons Net. Supported versions that...

7.5CVSS6.5AI score0.01858EPSS
Exploits1References6
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/21 8:26 p.m.39 views

Security Bulletin: IBM Tivoli Business Service Manager is vulnerable to remote code execution due to Apache Commons Net (CVE-2021-37533)

Summary Apache Commons Net is shipped with IBM Tivoli Business Manager 6.2.0 as part of its web service infrastructure. Information about security vulnerabilities affecting Apache Commons Net has been published in a security bulletin. Vulnerability Details CVEID:CVE-2021-37533 DESCRIPTION: Apache...

6.5CVSS6.7AI score0.01858EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2023/06/19 4:32 p.m.64 views

Moderate: Red Hat Security Advisory: Red Hat Integration Camel Extensions for Quarkus 2.13.3 security update

Red Hat Integration Camel Extensions for Quarkus 2.13.3 release and security update is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability...

7.5CVSS6.6AI score0.01858EPSS
Exploits1References5
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/17 6:2 p.m.36 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache Commons Net (CVE-2021-37533)

Summary A vulnerability in Apache Commons Net used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2021-37533 DESCRIPTION: Apache Commons Net could allow a remote attacker to obtain sensitive information, caused by an issue with the FTP client trusts the host from...

6.5CVSS6.3AI score0.01858EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/17 3:25 p.m.50 views

Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities

Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...

7.5CVSS7.5AI score0.0276EPSS
Exploits3Affected Software1
OpenVAS
OpenVAS
added 2023/04/26 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-6037-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.2AI score0.01858EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/25 12:0 a.m.29 views

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : Apache Commons Net vulnerability (USN-6037-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6037-1 advisory. ZeddYu Lu discovered that the FTP client from Apache Commons Net trusted the host from PASV responses by default. A remote...

6.5CVSS6.5AI score0.01858EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/30 7:16 p.m.36 views

Security Bulletin: IBM UrbanCode Deploy (UCD) is vulnerable to sensitive information disclosure due to Apache Commons Net (CVE-2021-37533)

Summary Apache Commons Net is used by the included zOS Utility plugin FTP Artifacts step to connect to remote FTP servers. By persuading a victim to connect to a specially-crafted server, an attacker could exploit this vulnerability to obtain information about services running on the private...

6.5CVSS6.4AI score0.01858EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/27 8:13 p.m.68 views

Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to remote code execution from Apache Commons Net (CVE-2021-37533)

Summary Apache Common Net is used by IBM Tivoli Netcool Impact to provide telnet connectivity for the CommandResponse service. IBM Tivoli Netcool Impact has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2021-37533 DESCRIPTION: Apache Commons Net could allow a remote attacker to...

6.5CVSS6.3AI score0.01858EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/09 10:16 p.m.60 views

Security Bulletin: IBM MQ is affected by a vulnerability in Apache Commons Net (CVE-2021-37533)

Summary IBM MQ Managed File Transfer is affected by a vulnerability in Apache Commons Net. Vulnerability Details CVEID:CVE-2021-37533 DESCRIPTION: Apache Commons Net could allow a remote attacker to obtain sensitive information, caused by an issue with the FTP client trusting the host from PASV...

6.5CVSS6.4AI score0.01858EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.6 views

SUSE CVE-2021-37533

Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about...

6.5CVSS8.2AI score0.01858EPSS
Exploits0References7
Rows per page
Query Builder