19 matches found
EUVD-2015-7358
Malware in sbrugna...
EUVD-2015-7357
Malware in sbrugna...
Security Bulletin: A security vulnerability has been identified in IBM Cognos Business Intelligence shipped with IBM Capacity Management Analytyics (CVE-2016-0201)
Summary IBM Cognos Business Intelligence is shipped as a component of IBM Capacity Management Analytyics. Information about a security vulnerability affecting IBM Cognos Business Intelligence has been published in a security bulletin. Vulnerability Details Consult the following security bulletins...
Security Bulletin: IBM Capacity Management Analytics affected by vulnerability password easy to decrypt in shell files (CVE-2015-7432)
Summary It is very easy to decrypt user and admin password from the setenv.sh and parameter.txt file Vulnerability Details CVEID: CVE-2015-7432 DESCRIPTION: IBM Capacity Management Analytics could allow a local user with special privileges to decrypt other CMA user's usernames and passwords. CVSS...
Security Bulletin: IBM Capacity Management Analytics could allow a localuser on the CMA install machine to obtain other CMA user's encrypted usernames and passwords (CVE-2105-7434)
Summary The encrypted password in setenv.sh is always the same which becomes easy to decrypt Vulnerability Details CVEID: CVE-2015-7434 DESCRIPTION: IBM Capacity Management Analytics could allow a local user on the CMA install machine to obtain other CMA user's encrypted usernames and passwords...
Security Bulletin: IBM Capacity Management Analytics is affected by a plaintext password vulnerability (CVE-2015-7433)
Summary IBM Capacity Management Analytics could allow a local user on the CMA install machine to obtain other CMA user's usernames and passwords in plaintext during the CMA install. Vulnerability Details CVEID: CVE-2015-7433 DESCRIPTION: IBM Capacity Management Analytics could allow a local user ...
IBM Capacity Management Analytics Information Disclosure Vulnerability (CNVD-2018-06652)
IBM Capacity Management Analytics is a suite of capacity management analytics solutions from IBM USA for managing and predicting the usage of IBM zEnterprise infrastructure mainframe computer resources. A security vulnerability exists in IBM Capacity Management Analytics. A local attacker could...
Design/Logic Flaw
IBM Capacity Management Analytics 2.1.0.0 allows local users to discover cleartext usernames and passwords by leveraging access to the CMA install machine. IBM X-Force ID: 107862...
CVE-2015-7434
IBM Capacity Management Analytics 2.1.0.0 allows local users to discover encrypted usernames and passwords by leveraging access to the CMA install machine. IBM X-Force ID: 107863...
CVE-2015-7432
IBM Capacity Management Analytics 2.1.0.0 allows local users to decrypt usernames and passwords by leveraging access to setenv.sh and parameter.txt. IBM X-Force ID: 107861...
Code injection
IBM Capacity Management Analytics 2.1.0.0 allows local users to discover encrypted usernames and passwords by leveraging access to the CMA install machine. IBM X-Force ID: 107863...
Default credentials
IBM Capacity Management Analytics 2.1.0.0 allows local users to decrypt usernames and passwords by leveraging access to setenv.sh and parameter.txt. IBM X-Force ID: 107861...
CVE-2015-7434
IBM Capacity Management Analytics 2.1.0.0 allows local users to discover encrypted usernames and passwords by leveraging access to the CMA install machine. IBM X-Force ID: 107863...
CVE-2015-7434
IBM Capacity Management Analytics 2.1.0.0 contains a local-authentication disclosure flaw: a local user on the CMA install machine can obtain other CMA users’ encrypted usernames and passwords via a static password in setenv.sh. The issue is actionable on the CMA install host and is fixed in CMA ...
CVE-2015-7432
CVE-2015-7432 affects IBM Capacity Management Analytics 2.1.0.0. A local attacker with special privileges could decrypt usernames and passwords by abusing access to the files setenv.sh and parameter.txt, exposing sensitive credentials. The IBM advisory confirms the vulnerability exists in CMA 2.1...
CVE-2015-7433
IBM Capacity Management Analytics 2.1.0.0 is affected by CVE-2015-7433, where a local attacker on the CMA install machine can obtain other CMA users’ usernames and plaintext passwords during installation. The issue arises from insecure handling during the CMA install process. The IBM security bul...
IBM Capacity Management Analytics Local Information Disclosure Vulnerability (CNVD-2016-01392)
IBM Capacity Management Analytics is a suite of capacity management analytics solutions for managing and predicting the utilization of IBM zEnterprise infrastructure resources. A local security vulnerability exists in IBM Capacity Management Analytics that allows a local attacker to exploit the...
IBM Capacity Management Analytics Local Information Disclosure Vulnerability (CNVD-2016-01329)
IBM Capacity Management Analytics is a suite of capacity management analytics solutions from IBM USA for managing and predicting the usage of IBM zEnterprise infrastructure mainframe computer resources. A local information disclosure vulnerability exists in IBM Capacity Management Analytics. A...
IBM Capacity Management Analytics Local Information Disclosure Vulnerability
IBM Capacity Management Analytics is a suite of capacity management analytics solutions from IBM USA for managing and predicting the usage of IBM zEnterprise infrastructure mainframe computer resources. A local information disclosure vulnerability exists in IBM Capacity Management Analytics. A...