Moderate: Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.4 security update

An update is now available for Red Hat JBoss Data Virtualization. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

SAP Business Warehouse Universal Data Integration Cross-Site Scripting Vulnerability

SAP Business Warehouse BW is an implementation of SAP's analytical data warehouse solution, Universal Data Integration UDI is a common data analysis interface. A cross-site scripting vulnerability exists in SAP BW UDI, which stems from the program's failure to adequately encrypt user input. A...

CVE-2017-16685

Cross-Site scripting XSS in SAP Business Warehouse Universal Data Integration, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to insufficient encoding of user controlled inputs...

CVE-2017-16685

Cross-Site scripting XSS in SAP Business Warehouse Universal Data Integration, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to insufficient encoding of user controlled inputs...

Cross site scripting

Cross-Site scripting XSS in SAP Business Warehouse Universal Data Integration, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to insufficient encoding of user controlled inputs...

CVE-2017-16685

Cross-Site scripting XSS in SAP Business Warehouse Universal Data Integration, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to insufficient encoding of user controlled inputs...

CVE-2017-16685

CVE-2017-16685 refers to a Cross-Site Scripting (XSS) vulnerability in SAP Business Warehouse Universal Data Integration (U DI) affecting SAP BW UDI versions 7.10–7.50. The root cause is insufficient encoding of user-controlled inputs, enabling an attacker to execute malicious scripts in a victim...

IBM InfoSphere DataStage Information Disclosure Vulnerability

IBM InfoSphere DataStage is a set of IBM's ETL Extract, Transform, and Load tools to provide data integration solutions in a graphical interface, and is part of the IBM suite of information platform solutions and IBM InfoSphere. An information disclosure vulnerability exists in IBM InfoSphere...

Critical: Red Hat Security Advisory: Red Hat JBoss Data Virtualization security and bug fix update

An update is now available for Red Hat JBoss Data Virtualization. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Pentaho Data Integration (PDI) Suite Version Detection

Detects the installed version of Pentaho Data Integration PDI Suite. This script sends an HTTP GET request and checks for the presence of Pentaho Data Integration PDI Suite from the response. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2016 Greenbone AG Some text...

AlienVault Unified Security Management: Real-Time Threat Detection Starting on Day 1

As organizations expand their IT infrastructure to match their evolving business models and meet changing regulatory requirements, they often find that their networks have become extremely complex and challenging to manage. A primary concern for many IT teams is detecting threats in the mountain ...

CVE-2015-6940

The GetResource servlet in Pentaho Business Analytics BA Suite 4.5.x, 4.8.x, and 5.0.x through 5.2.x and Pentaho Data Integration PDI Suite 4.3.x, 4.4.x, and 5.0.x through 5.2.x does not restrict access to files in the pentaho-solutions/system folder, which allows remote attackers to obtain...

Information disclosure

The GetResource servlet in Pentaho Business Analytics BA Suite 4.5.x, 4.8.x, and 5.0.x through 5.2.x and Pentaho Data Integration PDI Suite 4.3.x, 4.4.x, and 5.0.x through 5.2.x does not restrict access to files in the pentaho-solutions/system folder, which allows remote attackers to obtain...

CVE-2015-6940

The GetResource servlet in Pentaho Business Analytics BA Suite 4.5.x, 4.8.x, and 5.0.x through 5.2.x and Pentaho Data Integration PDI Suite 4.3.x, 4.4.x, and 5.0.x through 5.2.x does not restrict access to files in the pentaho-solutions/system folder, which allows remote attackers to obtain...

CVE-2015-6940

CVE-2015-6940 affects Pentaho BA Suite (4.5.x, 4.8.x, 5.0.x–5.2.x) and PDI Suite (4.3.x–5.2.x); the GetResource servlet does not restrict access to pentaho-solutions/system, enabling remote attackers to retrieve passwords and other sensitive info via a resource parameter. Impact is information di...

Pentaho GA PDI & Pentaho GA BA Authentication Bypass Vulnerability

Pentaho is a suite of open source business intelligence products. An authentication bypass vulnerability exists in Pentaho GA PDI & Pentaho GA BA, which can be exploited by an attacker to access sensitive files and obtain password information...

Moderate: Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.0.0 security update

Red Hat JBoss Data Virtualization 6.0.0 roll up patch 3, which fixes one security issue and various bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score,...

Sql injection

SQL injection vulnerability in SAP BI Universal Data Integration allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to the J2EE schema...

CVE-2013-7355

CVE-2013-7355 : The Red Hat, NVD and related records describe a SQL injection vulnerability in SAP BI Universal Data Integration . It allows remote attackers to execute arbitrary SQL commands via unspecified vectors, with the issue tied to the J2EE schema . The available sources do not provide ex...

U.S. Government Publishes List of Top IT Projects

HED: Security and data integration projects top list of top .GOV IT projects DEK: Stovepipe busting and data sharing are common themes as Uncle Sam details the top IT projects. The White House’s Office of Management and Budget OMB on Monday released its list of the top 26 government IT projects, ...