Lucene search
K

753 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/01/16 11:59 a.m.44 views

Security Bulletin: A vulnerability exists in IBM® SDK, Java™ Technology Edition affecting IBM Tivoli Necool Configuration Manager (CVE-2022-21496, CVE-2022-21434, CVE-2022-21443).

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Netcool Configuration Manager v6.4.2, which was disclosed in the Oracle April 2022 Critical Patch Update. Vulnerability Details CVEID:CVE-2022-21496 DESCRIPTION: An unspecified vulnerabilit...

5.3CVSS6AI score0.02651EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/16 11:58 a.m.33 views

Security Bulletin: A vulnerability exists in the IBM® SDK, Java™ Technology Edition affecting IBM Tivoli Netcool Configuration Manager (CVE-2022-21541, CVE-2022-21540).

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Netcool Configuration Manager IP Edition v6.4.2, which was disclosed in the Oracle July 2022 Critical Patch Update Vulnerability Details CVEID:CVE-2022-21541 DESCRIPTION: An unspecified...

5.9CVSS6.3AI score0.0296EPSS
Exploits0Affected Software1
Citrix
Citrix
added 2023/01/10 12:0 a.m.8 views

Citrix Workspace App fails to open ICA file automatically

CWA configuration manager fails to open ICA file automatically with the error message: "ICA Client Configuration Manager: Could not find the file names C:\Users\..\launch.ica. Please check your installation, or contact your administrator."...

7AI score
Exploits0
Kitploit
Kitploit
added 2023/01/03 11:30 a.m.76 views

PXEThief - Set Of Tooling That Can Extract Passwords From The Operating System Deployment Functionality In Microsoft Endpoint Configuration Manager

PXEThief is a set of tooling that implements attack paths discussed at the DEF CON 30 talk Pulling Passwords out of Configuration Manager https://forum.defcon.org/node/241925 against the Operating System Deployment functionality in Microsoft Endpoint Configuration Manager or ConfigMgr, still...

7.2AI score
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/01 11:5 a.m.32 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager (CVE-2022-38712)

Summary IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...

5.9CVSS5.5AI score0.00475EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/25 11:26 a.m.20 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager (CVE-2022-22473)

Summary IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...

5.3CVSS4.6AI score0.00819EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/25 11:14 a.m.25 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager (CVE-2022-22477)

Summary IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...

6.1CVSS6.2AI score0.00495EPSS
Exploits0Affected Software1
Check Point Advisories
Check Point Advisories
added 2022/11/14 12:0 a.m.5 views

Zoho ManageEngine Command Injection (CVE-2021-43319)

A command injection vulnerability exists in ManageEngine Network Configuration Manager. This vulnerability is due to insufficient validation in the ipaddress field of the ping functionality in add device web interface...

7.5CVSS2.8AI score0.21398EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/10/12 12:0 a.m.6 views

The vulnerability of the Solarwinds Information Service (SWIS) software’s Network Configuration Manager (NCM) allows a hacker to expose user credentials.

The vulnerability of the Solarwinds Information Service SWIS software’s Network Configuration Manager NCM lies in the ability to execute commands remotely. Exploiting this vulnerability could allow a malicious actor to gain access to user credentials...

6.8CVSS6.7AI score0.00446EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/10/10 11:15 p.m.4 views

CVE-2021-35226

An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service SWIS. Exposed credentials are encrypted and require authenticated access with an NCM role...

6.5CVSS5.8AI score0.00446EPSS
Exploits0References1
NVD
NVD
added 2022/10/10 11:15 p.m.12 views

CVE-2021-35226

An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service SWIS. Exposed credentials are encrypted and require authenticated access with an NCM role...

6.5CVSS0.00446EPSS
Exploits0References1
Prion
Prion
added 2022/10/10 11:15 p.m.17 views

Design/Logic Flaw

An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service SWIS. Exposed credentials are encrypted and require authenticated access with an NCM role...

4CVSS6.5AI score0.00446EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/10/10 12:0 a.m.54 views

CVE-2021-35226

CVE-2021-35226 affects SolarWinds Network Configuration Manager (NCM). A misconfiguration in NCM exposes a password field to Solarwinds Information Service (SWIS). Exposed credentials are encrypted and require authenticated access with an NCM role. Documented impact is limited to credential expos...

6.5CVSS6.6AI score0.00446EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/10/10 12:0 a.m.5 views

PT-2022-5000 · Solarwinds · Network Configuration Manager

Name of the Vulnerable Software and Affected Versions: Network Configuration Manager affected versions not specified Description: The issue is related to a misconfigured entity in the Network Configuration Manager product, which exposes a password field to the Solarwinds Information Service SWIS...

6.8CVSS6.4AI score0.00446EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/26 6:32 p.m.14 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager (CVE-2022-22365)

Summary IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...

5.9CVSS5.6AI score0.00553EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/26 6:30 p.m.62 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager.

Summary IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about multiple security vulnerabilitiesCVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-26377, CVE-2022-31813, CVE-2022-30556 affecting IBM WebSphere...

9.8CVSS8.2AI score0.19008EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 9:6 p.m.16 views

Security Bulletin: Multiple vulnerabilities exist in IBM Data Studio Web Console, Optim Performance Manager, IBM InfoSphere Optim Configuration Manager, and DB2 Recovery Expert for Linux, UNIX and Windows (CVE-2013-4025, CVE-2013-4024, CVE-2013-4022)

Abstract Multiple vulnerabilities exist in IBM Data Studio Web Console, Optim Performance Manager, IBM InfoSphere Optim Configuration Manager, and DB2 Recovery Expert for Linux, UNIX and Windows which could allow an attacker to view sensitive information or perform actions as a compromised user...

4.3CVSS5.7AI score0.01066EPSS
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/09/23 12:0 a.m.6 views

The vulnerability of the Microsoft Endpoint Configuration Manager software for managing network devices allows a hacker to execute a spear-phishing attack and gain access to sensitive information, due to errors during the authentication process using Kerberos with NTLM.

The vulnerability of the Microsoft Endpoint Configuration Manager software for managing network devices is related to errors that occur during the authentication process using Kerberos and NTLM. Exploiting this vulnerability allows an attacker to execute a spear-phishing attack and gain access to...

7.8CVSS7.2AI score0.01412EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/09/23 12:0 a.m.191 views

Microsoft Endpoint Configuration Manager Spoofing (KB15498768)

The Microsoft Endpoint Configuration Manager application installed on the remote host is missing a security hotfix documented in KB15498768. It is, therefore, affected by a spoofing vulnerability. Under some conditions, clients will fallback to NTLM authentication even if NTLM authentication is...

7.5CVSS7.4AI score0.01412EPSS
Exploits0References3
CISA
CISA
added 2022/09/21 12:0 a.m.31 views

Microsoft Releases Out-of-Band Security Update for Microsoft Endpoint Configuration Manager

Microsoft has released a security update to address a vulnerability in Microsoft Endpoint Configuration Manager, versions 2103-2207. An attacker could exploit this vulnerability to obtain sensitive information. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...

1.8AI score0.01412EPSS
Exploits0References1
Rows per page
Query Builder