IBM Operations Analytics-Log Analysis 安全漏洞

IBM Operations Analytics-Log Analysis is a suite of semi-structured data analysis solutions from International Business Machines IBM. The product is primarily used for application log analysis and problem diagnosis, among other things. A security vulnerability exists in IBM Operations Analytics-L...

Security Bulletin: Multiple Vulnerabilities in WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2025-23184, CVE-2025-25193)

Summary Vulnerabilities in the Apache CXF and Netty libraries affect IBM WebSphere Application Server Liberty, which is shipped in IBM Operations Analytics - Log Analysis. Vulnerability Details CVEID:CVE-2025-23184 DESCRIPTION: A potential denial of service vulnerability is present in versions of...

Security Bulletin: Potential Vulnerability in Apache Solr and Apache Zookeeper shipped with IBM Operations Analytics - Log Analysis (CVE-2022-24823)

Summary There is a potential Netty vulnerability in Apache Solr and Apache Zookeeper shipped with IBM Operations Analytics - Log Analysis. This has been fixed Vulnerability Details CVEID:CVE-2022-24823 DESCRIPTION: Netty could allow a local authenticated attacker to obtain sensitive information,...

Security Bulletin: Potential vulnerability in Apache Calcite Avatica affects IBM Operations Analytics - Log Analysis (CVE-2022-36364)

Summary Prior to version 1.22.0 vulnerability in Apache Calcite Avatica allow a remote attacker to execute arbitrary code on the system. This has been fixed. Vulnerability Details CVEID:CVE-2022-36364 DESCRIPTION: Apache Calcite Avatica could allow a remote attacker to execute arbitrary code on t...

Security Bulletin: Vulnerabilities from log4j-core-2.16.0.jar affect IBM Operations Analytics - Log Analysis (CVE-2021-44832, CVE-2021-45105)

Summary log4j-core-2.16.0.jar is vulnerable to remote code execution RCE attack and uncontrolled recursion. This is shipped in Log Analysis. The fix includes Apache Log4j core 2.17.1 Vulnerability Details CVEID:CVE-2021-44832 DESCRIPTION: Apache Log4j could allow a remote attacker with permission...

Security Bulletin: Code execution vulnerability with OpenID connect in WebSphere Application Server Liberty affects IBM Operations Analytics - Log Analysis (CVE-2018-1851)

Summary WebSphere Application Server OpenID Connect could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization. By sending a specially-crafted request to the RP service, an attacker could exploit this vulnerability to execute arbitrary code...

Security Bulletin: Information disclosure in WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2018-1553)

Summary IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by mishandling of exceptions by the SAML Web SSO feature. Vulnerability Details CVEID: CVE-2018-1553 DESCRIPTION: IBM WebSphere Application Server Liberty could allow a remote...