Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Netcool Configuration Manager (CVE-2015-7450)

Summary IBM WebSphere Application Server is shipped as a component of IBM Tivoli Netcool Configuration Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bullet...

Security Bulletin: A Cross-site scripting vulnerability in IBM Websphere Application Server, affects IBM Tivoli Netcool Configuration Manager (ITNCM) (CVE-2016-8934)

Summary There is a potential Cross-site scripting security vulnerability in IBM WebSphere Application Server, that is used by IBM Tivoli Netcool Configuration Manager ITNCM. Vulnerability Details CVEID: CVE-2016-8934 DESCRIPTION: IBM WebSphere Application Server is vulnerable to cross-site...

Security Bulletin: Security Vulnerability in IBM WebSphere Application Server shipped with IBM Tivoli Netcool Configuration Manager(CVE-2015-3183)

Summary There are vulnerabilities reported in IBM Websphere 7.0.0.37. IBM Tivoli Netcool Configuration Manager is affected by the following. Request smuggling vulnerability may affect the IBM HTTP Server used by IBM WebSphere Application Server Vulnerability Details CVEID: CVE-2015-3183...

Security Bulletin: Vulnerabilities in OpenSource Spring Source/Pivotal Spring Framework affect IBM Tivoli Netcool Configuration Manager (ITNCM) (CVE-2013-7315, CVE-2013-4152, CVE-2014-0054)

Summary There are a number of potential security vulnerabilities in OpenSource Spring Source/Pivotal Spring Framework, that is used by IBM Tivoli Netcool Configuration Manager ITNCM. Vulnerability Details CVEID: CVE-2013-7315 DESCRIPTION: Pivotal Spring Framework could allow a remote attacker to...

Security Bulletin: A vulnerability in IBM Websphere affects IBM Tivoli Netcool Configuration Manager (ITNCM) (CVE-2016-0306)

Summary There is a potential security vulnerability in IBM WebSphere Application Server, which is used by IBM Tivoli Netcool Configuration Manager ITNCM. The potential vulnerability is only applicable, if 'FIPS 140-2' is enabled. Vulnerability Details CVEID: CVE-2016-0306 DESCRIPTION: IBM WebSphe...

Security Bulletin: HTTP response splitting vulnerability in IBM WebSphere Application Server affect IBM Tivoli Netcool Configuration Manager (ITNCM) (CVE-2016-0359)

Summary There is a potential HTTP response splitting vulnerability in IBM WebSphere Application Server, that is used by IBM Tivoli Netcool Configuration Manager ITNCM. These issues were disclosed as part of the Security Bulletin: HTTP Response Splitting in WebSphere Application Server...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Tivoli Netcool Configuration Manager (ITNCM) (Multiple CVEs)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 Service Refresh 16 Fix Pack 20 and subsequent releases, that is used by IBM Tivoli Netcool Configuration Manager ITNCM. These issues were disclosed as part of the IBM Java SDK updates for...

SolarWinds Network Configuration Manager (NCM) Detection (Windows SMB Login)

SMB login-based detection of SolarWinds Network Configuration Manager NCM. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Backup job fails with a SQL VSS Writer error after installing ACT! Software

Article Applicability This article is only applicable to a scenario involving all four of the following: 1. A Backup Job using Application-Aware Processing 2. A Guest OS with ACT! Software Installed 3. This VSS error: Writer's state: VSSWSFAILEDATPREPARESNAPSHOT. Error code: 0x800423f4. 4. This...

Security update for Adobe Flash Player: November 20, 2018

Security update for Adobe Flash Player: November 20, 2018 Summary This security update resolves vulnerabilities in Adobe Flash Player that is installed on any of the operating systems that listed in the "Applies to" section. To learn more about the vulnerability, see ADV180030. More Information...

CVE-2018-18980

An XML External Entity injection XXE vulnerability exists in Zoho ManageEngine Network Configuration Manager and OpManager before 12.3.214 via the RequestXML parameter in a /devices/ProcessRequest.do GET request. For example, the attacker can trigger the transmission of local files to an arbitrar...

Xxe

An XML External Entity injection XXE vulnerability exists in Zoho ManageEngine Network Configuration Manager and OpManager before 12.3.214 via the RequestXML parameter in a /devices/ProcessRequest.do GET request. For example, the attacker can trigger the transmission of local files to an arbitrar...

CVE-2018-18980

An XML External Entity injection XXE vulnerability exists in Zoho ManageEngine Network Configuration Manager and OpManager before 12.3.214 via the RequestXML parameter in a /devices/ProcessRequest.do GET request. For example, the attacker can trigger the transmission of local files to an arbitrar...

CVE-2018-18980

An XML External Entity injection XXE vulnerability exists in Zoho ManageEngine Network Configuration Manager and OpManager before 12.3.214 via the RequestXML parameter in a /devices/ProcessRequest.do GET request. For example, the attacker can trigger the transmission of local files to an arbitrar...

CVE-2018-18980

CVE-2018-18980 is an XML External Entity (XXE) vulnerability affecting Zoho ManageEngine Network Configuration Manager and OpManager prior to 12.3.214. The issue arises in the RequestXML parameter processed by a /devices/ProcessRequest.do GET request, which could cause the transmission of local f...

Zoho ManageEngine Network Configuration Manager and OpManager XML External Entity Injection Vulnerability

ZOHO ManageEngine Network Configuration Manager and OpManager are both products of ZOHO Inc. ZOHO ManageEngine Network Configuration Manager is a suite of network configuration management, network change and configuration management NCCM software for configuring switches, routers, firewalls and...

K-Net Cisco Configuration Manager Cross-Site Scripting Vulnerability

K-Net Cisco Configuration Manager is a PHP and MySQL based tool for managing the configuration of Cisco devices. A cross-site scripting vulnerability exists in K-Net Cisco Configuration Manager 2014-11-19 and earlier versions, which can be exploited by remote attackers to inject arbitrary web...

CVE-2018-17051

K-Net Cisco Configuration Manager through 2014-11-19 has XSS via devices.php...

CVE-2018-17051

K-Net Cisco Configuration Manager through 2014-11-19 has XSS via devices.php...

Code injection

K-Net Cisco Configuration Manager through 2014-11-19 has XSS via devices.php...