Security Bulletin: Improper Authorization for IBM Jazz for Service Management export file via ExportServlet url (CVE-2023-46186)

Summary Improper Authorization for IBM Jazz for Service Management export file via ExportServlet url CVE-2023-46186 Vulnerability Details CVEID:CVE-2023-46186 DESCRIPTION: IBM Jazz for Service Management could allow an unauthorized user to obtain sensitive file information using forced browsing d...

Oracle Product Lifecycle Management ExportServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle Product Lifecycle Management. Authentication is required to exploit this vulnerability. The specific flaw exists within the ExportServlet. The issue results from the lack of proper validation ...

CVE-2016-5514

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to ExportServlet...

CVE-2016-5514

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to ExportServlet...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to ExportServlet...

CVE-2016-5514

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to ExportServlet...

CVE-2016-5514

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to ExportServlet...

CVE-2016-5514

Oracle Supply Chain Products Suite with Oracle Agile PLM 9.3.4/9.3.5 contains an unspecified vulnerability in the ExportServlet that could allow remote authenticated users to impact confidentiality, integrity, and availability. The issue is evidenced in multiple sources (NVD/CNVD/CVE records) wit...

Unspecified Vulnerability in Oracle Supply Chain Products Suite Agile PLM Component (CNVD-2016-09690)

Oracle Supply Chain Products Suite is a set of supply chain solutions from Oracle, which provides value chain planning, value chain execution, product lifecycle management, etc. Oracle Agile PLM Product Lifecycle Management is one of the lifecycle management components. Oracle Agile PLM Product...

Multiple Directory Traversal Vulnerability in Arcserve Unified Data Protection

Arcserve UDP Unified Data Protection is a set of unified data protection solutions from the U.S. company Arcserve. The solution provides backup and recovery of all virtual and physical environments, global deduplication and other functions. Multiple directory traversal vulnerabilities exist in th...

Directory traversal

Directory traversal vulnerability in Arcserve UDP before 5.0 Update 4 allows remote attackers to obtain sensitive information or cause a denial of service via a crafted file path to the 1 reportFileServlet or 2 exportServlet servlet...

Arcserve Unified Data Protection Management Service exportServlet Directory Traversal Information Disclosure and Denial of Service Vulnerability

This vulnerability allows remote attackers to disclose and delete files on vulnerable installations of Arcserve Unified Data Protection. Authentication is not required to exploit this vulnerability. The specific flaw exists within the exportServlet servlet. The issue lies in the failure to saniti...