Security Bulletin: IBM InfoSphere Global Name Management Vulnerable to CVE-2023-30441

Summary InfoSphere Global Name Management bundles IBM Java as internal component. A combination of two flaws in the JSSE component and IBMJCEPlus security provider expose some IBM Java releases to various cryptographic attacks when acting as a TLS server. This vulnerability is addressed...

Security Bulletin: Unspecified vulnerability in Java Affects IBM Infosphere Global Name Management (CVE-2022-21496)

Summary The Java used in IBM Global Name Management has an unspecified vulnerability related to the JNDI component. Within GNM, this issue only affects ENS, a part of GNM 6 installed by a small minority of GNM customers. For GNM customers not using ENS, there is no vulnerability. Vulnerability...

Security Bulletin: Vulnerabilities in IBM WebSphere Liberty affects IBM InfoSphere Global Name Management (CVE-2022-22475, CVE-2022-22476)

Summary The IBM WebSphere Liberty used in IBM InfoSphere Global Name Management is vulnerable to identity spoofing by an authenticated user. This issue only affects ENS, a part of GNM 6 installed by a small minority of GNM customers. For GNM customers not using ENS, there is no vulnerability...

Security Bulletin: Vulnerability in IBM WebSphere Liberty affects IBM InfoSphere Global Name Management (CVE-2022-34165)

Summary The IBM WebSphere Liberty used in IBM InfoSphere Global Name Management is vulnerable to HTTP header injection when processing web requests. This problem is addressed. Vulnerability Details CVEID:CVE-2022-34165 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM...

Security Bulletin: Vulnerabilities in IBM Java SDK affect IBM InfoSphere Global Name Management (CVE-2020-27221)

Summary Eclipse OpenJ9 used as part of IBM InfoSphere Global Name Management when running on Linux or AIX is vulnerable to a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8 characters to platform encoding. By sending an overly long string, a remote...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Global Name Management

Summary IBM WebSphere Application Server is shipped as a component of Global Name Management. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin Vulnerability Details Please consult the security bulletin HTTP response...

Security Bulletin: Information disclosure in WebSphere Application Server may affect IBM InfoSphere Global Name Management (CVE-2019-4441)

Summary There is a potential information disclosure vulnerability in the IBM WebSphere Application Server shipped as part of the IBM InfoSphere Global Name Management product. This could allow a remote attacker to obtain some limited information when a stack trace is returned in the browser. The...

Security Bulletin: Potential spoofing attack in WebSphere Application Server may affect IBM InfoSphere Global Name Management (CVE-2018-1695)

Summary There is a potential spoofing attack in WebSphere Application Server shipped as part of IBM InfoSphere Global Name Management. This also affects IBM InfoSphere Global Name Management Enterprise Name Search installations. Vulnerability Details CVEs: CVE-2018-1695 Link to security bulletin:...

Security Bulletin: Potential denial of service vulnerability in WebSphere Application Server may affect IBM InfoSphere Global Name Management (CVE-2019-4046)

Summary There is a potential denial of service vulnerability in WebSphere Application Server shipped as part of IBM Global Name Management. This also affects IBM InfoSphere Global Name Management Enterprise Name Search installations. Vulnerability Details CVEs: CVE-2019-4046 Link to security...

Security Bulletin: Potential Remote code execution vulnerability in WebSphere Application Server may affect IBM InfoSphere Global Name Management (CVE-2018-1904)

Summary There is a potential remote code execution vulnerability in WebSphere Application Server shipped as part of IBM Global Name Management. This also affects IBM InfoSphere Global Name Management Enterprise Name Search installations. Vulnerability Details CVEs: CVE-2018-1904 Link to security...

Security Bulletin: Potential cross-site scripting vulnerability with the Installation Verification Tool of IBM WebSphere Application Server may affect IBM InfoSphere Global Name Management (CVE-2018-1643)

Summary There is a potential cross-site scripting vulnerability with the Installation Verification Tool of IBM WebSphere Application Server shipped as part of IBM InfoSphere Global Name Management. This also affects IBM InfoSphere Global Name Management Enterprise Name Search installations...

Security Bulletin: Potential spoofing vulnerability in WebSphere Application Server may affect IBM InfoSphere Global Name Management (CVE-2018-1902)

Summary There is a potential spoofing vulnerability in WebSphere Application Server shipped as part of IBM Global Name Management. This also affects IBM InfoSphere Global Name Management Enterprise Name Search installations. Vulnerability Details CVEs: CVE-2018-1902 Link to security bulletin:...

Security Bulletin: Information disclosure for IBM Infosphere Global Name Management

Summary There is a potential information disclosure vulnerability in Global Name Management when using Enterprise Name Search. The information disclosure is due to an XML external entity XXE vulnerability. Customers not using Enterprise Name Search are not affected. Vulnerability Details CVEID:...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Global Name Management 5.0 (CVE-2015-1920)

Summary IBM WebSphere Application Server is shipped as a component of IBM Global Name Management. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Security...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affects embedded WebSphere Application Server shipped with IBM InfoSphere Global Name Management.

Summary There are multiple vulnerabiltities in the IBM® SDK Java™ Technology Edition included with embedded WebSphere Application Server shipped as a component of IBM InfoSphere Global Name Management. Information about the security vulnerabilities affecting IBM® SDK, Java™ Technology Edition hav...

Security Bulletin: Multiple security vulnerabilities have been identified in WebSphere Application Server shipped with IBM InfoSphere Global Name Management

Summary WebSphere Application Server is shipped as a component of IBM InfoSphere Global Name Management. Information about multiple security vulnerabilities affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins list...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Global Name Management (CVE-2018-2783, CVE-2018-3139, CVE-2018-3180, CVE-2018-12547 , CVE-2018-1890, CVE-2019-2426)

Summary There are multiple vulnerabilities in the IBM Java SDK that is used by IBM WebSphere Application Server shipped as part of IBM InfoSphere Global Name Management. Vulnerability Details CVEs: CVE-2018-2783, CVE-2018-3139, CVE-2018-3180, CVE-2018-12547 , CVE-2018-1890, CVE-2019-2426 Link to...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Global Name Management (CVE-2019-2989, CVE-2019-2978, CVE-2019-2983)

Summary There are multiple vulnerabilities in the IBM Java SDK that is used by IBM WebSphere Application Server shipped as part of IBM InfoSphere Global Name Management. Vulnerability Details Refer to the security bulletinss listed in the Remediation/Fixes section Affected Products and Versions...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Global Name Management (CVE-2019-2769, CVE-2019-2762, CVE-2019-2816).

Summary There are multiple vulnerabilities in the IBM Java SDK that is used by IBM WebSphere Application Server shipped as part of IBM InfoSphere Global Name Management. Vulnerability Details Refer to the security bulletinss listed in the Remediation/Fixes section Affected Products and Versions...

Security Bulletin: Multiple vulnerabilities in IBM Java JRE affect IBM InfoSphere Global Name Management (CVE-2021-35578, CVE-2021-35550, CVE-2021-35603)

Summary There are multiple vulnerabilities in the Java used in IBM InfoSphere Global Name Management GNM. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- IBM InfoSphere Global Name...