Lucene search
+L

281 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/11/29 1:4 p.m.12 views

Security Bulletin: An Apache-Spark vulnerability affects IBM Operations Analytics Predictive Insights (PVR0342171 )

Summary An Apache-Spark vulnerability affects IBM Operations Analytics Predictive Insights PVR0342171. Apache-Spark is used by IBM Operations Analytics Predictive Insight in the data processing services. The vulnerabilities have been addressed. Vulnerability Details Refer to the security bulletin...

7.1AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/28 8:55 a.m.61 views

Security Bulletin: Apache Commons Text and Apache Commons Configuration vulnerabilities affects IBM Operations Analytics Predictive Insights [CVE-2022-42889, CVE-2022-33980]

Summary Apache Commons Text and Apache Commons Configuration vulnerabilities affects IBM Operations Analytics Predictive Insights CVE-2022-42889, CVE-2022-33980. Apache Commons Text and Apache Commons Configuration is used by IBM Operations Analytics Predictive Insight REST Mediation Service, par...

9.8CVSS10AI score0.99931EPSS
Exploits45Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/22 1:1 p.m.50 views

Security Bulletin: Information disclosure in FasterXML Jackson Dataformats affect IBM Operations Analytics - Log Analysis (CVE-2020-28491)

Summary FasterXML jackson-dataformat-cbor is susceptible to denial of service, caused by java.lang.OutOfMemoryError exception. Vulnerability Details CVEID:CVE-2020-28491 DESCRIPTION: FasterXML jackson-dataformats-binary is vulnerable to a denial of service, caused by an unchecked allocation of by...

7.5CVSS7.3AI score0.03074EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/22 12:16 p.m.79 views

Security Bulletin: Vulnerabilities in Apache Hadoop affect IBM Operations Analytics - Log Analysis (CVE-2022-26612, CVE-2022-25168)

Summary Multiple vulnerabilities in Apache Hadoop affect IBM Operations Analytics - Log Analysis. This has been fixed. The vulnerabilities are in Vulnerability Details section. Vulnerability Details CVEID:CVE-2022-26612 DESCRIPTION: Apache Hadoop for Windows could allow a remote attacker to bypas...

9.8CVSS9.8AI score0.04176EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/22 9:43 a.m.75 views

Security Bulletin: Potential vulnerability in Apache Calcite Avatica affects IBM Operations Analytics - Log Analysis (CVE-2022-36364)

Summary Prior to version 1.22.0 vulnerability in Apache Calcite Avatica allow a remote attacker to execute arbitrary code on the system. This has been fixed. Vulnerability Details CVEID:CVE-2022-36364 DESCRIPTION: Apache Calcite Avatica could allow a remote attacker to execute arbitrary code on t...

8.8CVSS8.9AI score0.02276EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/22 8:8 a.m.51 views

Security Bulletin: Multiple vulnerabilities in Data-Binding for Jackson shipped with IBM Operations Analytics - Log Analysis

Summary There are multiple vulnerabilities in various versions of Data-Binding functionality for Jackson that affect IBM Operations Analytics - Log Analysis. It has been fixed. The vulnerabilities are listed in the Vulnerability Details section below. Vulnerability Details CVEID:CVE-2020-25649...

9.8CVSS10AI score0.45205EPSS
Exploits28Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/22 5:48 a.m.46 views

Security Bulletin: Vulnerability in Apache Commons Text used by Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2022-42889)

Summary There is a potential vulnerability in Apache Commons Text that could allow remote attacker to execute arbitrary code. This has been fixed. Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache Commons Text could allow a remote attacker to execute arbitrary code on the system,...

9.8CVSS9.9AI score0.99931EPSS
Exploits42Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/21 11:57 a.m.31 views

Security Bulletin: IBM Operations Analytics - Log Analysis susceptible to vulnerability in Apache Tika (CVE-2022-25169)

Summary Apache Tika shipped with IBM Operations Analytics - Log Analysis is vulnerable to denial of service,. This has been fixed. Vulnerability Details CVEID:CVE-2022-25169 DESCRIPTION: Apache Tika is vulnerable to a denial of service, caused by improper input validation in the BPG parser. By...

5.5CVSS5.5AI score0.0205EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/21 9:45 a.m.36 views

Security Bulletin: Potential Vulnerability in Apache HttpClient used by Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2020-13956)

Summary There is a potential vulnerability in Apache HttpClient that could allow remote attacker to bypass security restrictions Vulnerability Details CVEID:CVE-2020-13956 DESCRIPTION: Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling...

5.3CVSS5.9AI score0.08665EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/21 8:35 a.m.30 views

Security Bulletin: Vulnerability in Bouncy Castle used by Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2017-13098)

Summary There is a potential vulnerability that could allow attacker obtain sensitive information in Bouncy Castle TLS used by Logstash Vulnerability Details CVEID:CVE-2017-13098 DESCRIPTION: Bouncy Castle could allow a remote attacker to obtain sensitive information, caused by an RSA Adaptive...

7.5CVSS6.2AI score0.24282EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/21 5:48 a.m.32 views

Security Bulletin: Vulnerabilities in SnakeYAML used by Logstash affects IBM Operations Analytics - Log Analysis (CVE-2022-25857, CVE-2017-18640)

Summary Multiple vulnerabilities in SnakeYAML affects IBM Operations Analytics - Log Analysis. It has been fixed. The vulnerabilities are in the Vulnerability Details section. Vulnerability Details CVEID:CVE-2022-25857 DESCRIPTION: Java package org.yaml:snakeyam is vulnerable to a denial of...

7.5CVSS7.9AI score0.26723EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/21 5:19 a.m.44 views

Security Bulletin: Vulnerability from Apache Kafka affect IBM Operations Analytics - Log Analysis (CVE-2018-17196)

Summary Apache Kafka is vulnerable to improper input validation that could allow remote attacker to bypass security restrictions. Vulnerability Details CVEID:CVE-2018-17196 DESCRIPTION: Apache Kafka could allow a remote authenticated attacker to bypass security restrictions, caused by improper...

8.8CVSS6.7AI score0.05479EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/18 3:8 a.m.48 views

Security Bulletin: Potential vulnerability in Apache Commons Configuration affect IBM Operations Analytics - Log Analysis (CVE-2022-33980)

Summary Vulnerability in Apache Commons Configuration could allow remote attacker to execute arbitrary code on the system. This has been fixed. Vulnerability Details CVEID:CVE-2022-33980 DESCRIPTION: Apache Commons Configuration could allow a remote attacker to execute arbitrary code on the syste...

9.8CVSS9.6AI score0.42646EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/17 4:37 p.m.33 views

Security Bulletin: Potential vulnerability in Eclipse Jetty affects IBM Operations Analytics - Log Analysis (CVE-2022-2047)

Summary The vulnerability in Eclipse Jetty allows bypass security restrictions. This has been addressed. Vulnerability Details CVEID:CVE-2022-2047 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the HttpURI class. By...

2.7CVSS5.4AI score0.01173EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/17 4:6 p.m.29 views

Security Bulletin: IBM Operations Analytics - Log Analysis vulnerable to multiple vulnerabilities in Apache Tika (CVE-2022-30126, CVE-2022-33879, CVE-2022-30973)

Summary Multiple vulnerabilities in Apache Tika affect IBM Operations Analytics - Log Analysis. This has been fixed. The vulnerabilities are in Vulnerability Details section. Vulnerability Details CVEID:CVE-2022-30973 DESCRIPTION: Apache Tika is vulnerable to a denial of service, caused by a...

5.5CVSS5.3AI score0.02524EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/17 2:12 p.m.39 views

Security Bulletin: IBM Operations Analytics Predictive Insights impacted by Apache Log4j vulnerabilities (CVE-2022-23305)

Summary IBM Operations Analytics Predictive Insights is affected by the Apache Log4j vulnerability through the JDBCAppender in Log4j 1.2.x which accepts a SQL statement as a configuration parameter. When JDBCAppender is specifically configured to use, malicious values could be inserted. This allo...

9.8CVSS9.4AI score0.66537EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/17 8:35 a.m.148 views

Security Bulletin: Vulnerabilities from log4j-core-2.16.0.jar affect IBM Operations Analytics - Log Analysis (CVE-2021-44832, CVE-2021-45105)

Summary log4j-core-2.16.0.jar is vulnerable to remote code execution RCE attack and uncontrolled recursion. This is shipped in Log Analysis. The fix includes Apache Log4j core 2.17.1 Vulnerability Details CVEID:CVE-2021-44832 DESCRIPTION: Apache Log4j could allow a remote attacker with permission...

6.6CVSS8.6AI score0.99999EPSS
Exploits22Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/17 7:52 a.m.261 views

Security Bulletin: Vulnerabilities from log4j affect IBM Operations Analytics - Log Analysis (CVE-2019-17571, CVE-2020-9488)

Summary log4j is vulnerable to improper validation of certificate and deserialization of untrusted data. These vulnerabilities are in Apache Zookeeper, Apache Solr and Log Analysis. Vulnerability Details CVEID:CVE-2019-17571 DESCRIPTION: Apache Log4j could allow a remote attacker to execute...

9.8CVSS8.5AI score0.6906EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/14 4:37 a.m.40 views

Security Bulletin: Vulnerability from Apache Kafka affect IBM Operations Analytics - Log Analysis (CVE-2021-38153)

Summary Apache Kafka is vulnerable to timing attacks that could allow remote attacker to obtain sensitive information Vulnerability Details CVEID:CVE-2021-38153 DESCRIPTION: Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a timing attack flaw due to the use o...

5.9CVSS6.4AI score0.06252EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/07 11:28 a.m.47 views

Security Bulletin: Vulnerability from Google Protocol Buffer affect IBM Operations Analytics - Log Analysis (CVE-2021-22569)

Summary Google Protocol Buffer shipped with IBM Operations Analytics - Log Analysis is vulnerable to denial of service Vulnerability Details CVEID:CVE-2021-22569 DESCRIPTION: Google Protocol Buffer protobuf-java is vulnerable to a denial of service, caused by an issue with allow interleaving of...

7.5CVSS6.1AI score0.01655EPSS
Exploits1Affected Software1
Rows per page
Query Builder