Lucene search
K

281 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/12/08 11:45 a.m.44 views

Security Bulletin: Vulnerability in IBM® SDK, Java™ Technology Edition may affect IBM Operations Analytics Predictive Insights

Summary IBM Operations Analytics Predictive Insights uses BM® SDK, Java™ Technology Edition, and vulnerability CVE-2022-40609 may expose Java process to a variety of malicious attacks Vulnerability Details CVEID:CVE-2022-40609 DESCRIPTION: IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 cou...

9.8CVSS9AI score0.01827EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/18 2:15 p.m.50 views

Security Bulletin: Multiple vulnerabilities in IBM DB2 affect IBM Operations Analytics Predictive Insights

Summary There are multiple vulnerabilities in IBM® DB2 used by IBM Operations Analytics Predictive Insights 1.3.6 and earlier. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs CVE-2023-30447, CVE-2023-30446, CVE-2023-30443, CVE-2023-30448, CVE-2023-30445,...

8.8CVSS7.5AI score0.01628EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/24 2:52 p.m.21 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server which is a component of IBM Operations Analytics Predictive Insights

Summary Websphere Application Server WAS is a component of IBM Operations Analytics Predictive Insights. Multiple vulnerabilities in Websphere Application Server WAS 8.5 and 9.0 affect IBM Operations Analytics Predictive Insights 1.3.6 or earlier. Information about the following relevant...

9.1CVSS6.2AI score0.00859EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/21 3:38 p.m.36 views

Security Bulletin: Vulnerability in Google gson 2.2.4 libraries (CVE-2022-25647) affects IBM Operations Analytics Predictive Insights

Summary IBM Operations Analytics Predictive Insights uses Google gson libraries for serialization/deserialization of objects in REST mediation service. A security vulnerability in versions prior to gson 2.8.9. could be exploited to compromise Operations Analytics Predictive Insights services...

7.7CVSS7.5AI score0.1158EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/06 11:31 a.m.13 views

Security Bulletin: Denial of Service Vulnerability in Apache Solr used by IBM Operations Analytics - Log Analysis

Summary There is a potential denial of service in Apache Solr that is used by IBM Operations Analytics - Log Analysis Vulnerability Details IBM X-Force ID: 216835 DESCRIPTION: Apache Lucene is vulnerable to a denial of service. By sending a specific regular expression query, a remote attacker cou...

6.9AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/25 6:50 a.m.52 views

Security Bulletin: Vulnerability from log4j-1.2.16.jar affect IBM Operations Analytics - Log Analysis (CVE-2023-26464)

Summary log4j-1.2.16.jar is vulnerable and it is shipped in Log Analysis. The fix includes Apache Log4j core 2.17.1 Vulnerability Details CVEID:CVE-2023-26464 DESCRIPTION: Apache Log4j is vulnerable to a denial of service, caused by a flaw when using the Chainsaw or SocketAppender components. By...

7.5CVSS7.2AI score0.01905EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/23 3:6 p.m.9 views

Security Bulletin: A vulnerability in IBM SDK, Java Technology Edition affect IBM Operations Analytics Predictive Insights

Summary A security vulnerability in IBM SDK, Java Technology Edition affects IBM Operations Analytics Predictive Insights 1.3.6 or earlier. IBM Java versions 8.0.7.0 - 8.0.7.11 are vulnerable to crypto attacks. This vulnerability has been addressed. Vulnerability Details Refer to the security...

6.8AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/19 9:31 a.m.36 views

Security Bulletin: Vulnerability from Google Gson affect IBM Operations Analytics - Log Analysis (CVE-2022-25647)

Summary Google Gson shipped with Log Analysis is vulnerable to denial of service Vulnerability Details CVEID:CVE-2022-25647 DESCRIPTION: Google Gson is vulnerable to a denial of service, caused by the deserialization of untrusted data. By using the writeReplace method, a remote attacker could...

7.7CVSS7.5AI score0.1158EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/10 2:42 p.m.40 views

Security Bulletin: Denial of Service in Apache Commons used by WebSphere Application Server affect IBM Operations Analytics - Log Analysis (CVE-2023-24998)

Summary There is a vulnerability in the Apache Commons FileUpload library used by IBM WebSphere Application Server Liberty. Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limit the number of request...

7.5CVSS7.7AI score0.46836EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/03 7:43 a.m.42 views

Security Bulletin: Multiple Vulnerabilities in Google Protocol Buffer affect IBM Operations Analytics - Log Analysis (CVE-2022-3509, CVE-2022-3510)

Summary A parsing issue in Google Protocol Buffer shipped with IBM Operations Analytics - Log Analysis can lead to a denial of service attack. Vulnerability Details CVEID:CVE-2022-3510 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing...

7.5CVSS7.3AI score0.00567EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/03 7:41 a.m.27 views

Security Bulletin: Multiple vulnerabilities affect Apache Ant shipped with IBM Operations Analytics - Log Analysis

Summary There are vulnerabilities in Apache Ant. The vulnerabilities are in Vulnerability Details section. Vulnerability Details CVEID:CVE-2021-36373 DESCRIPTION: Apache Ant is vulnerable to a denial of service, caused by an out-of-memory error when large amounts of memory are allocated. By...

7.5CVSS7.5AI score0.12608EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/03 7:34 a.m.100 views

Security Bulletin: Multiple Vulnerabilities related to SnakeYAML in Logstash shipped with IBM Operations Analytics - Log Analysis

Summary Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks DOS. While deserializing unknown yaml content can lead to remote code execution. Vulnerability Details CVEID:CVE-2022-25857 DESCRIPTION: Java package org.yaml:snakeyam is vulnerable to a denial of...

9.8CVSS9.3AI score0.99615EPSS
Exploits12Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/31 10:55 a.m.45 views

Security Bulletin: Vulnerability from Apache Calcite affect IBM Operations Analytics - Log Analysis (CVE-2022-39135)

Summary In Apache Calcite, the SQL operators do not restrict XML External Entity references in their configuration. This makes them vulnerable to a potential XML External Entity XXE attack. Vulnerability Details CVEID:CVE-2022-39135 DESCRIPTION: Apache Calcite is vulnerable to an XML external...

9.8CVSS9.5AI score0.01931EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/31 10:43 a.m.23 views

Security Bulletin: Multiple Vulnerabilities in Google Protocol Buffer affect IBM Operations Analytics - Log Analysis (CVE-2022-3509, CVE-2022-3171)

Summary A parsing issue in Google Protocol Buffer shipped with IBM Operations Analytics - Log Analysis can lead to a denial of service attack. Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing...

7.5CVSS6AI score0.01048EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/31 9:29 a.m.36 views

Security Bulletin: Multiple Vulnerabilities related to SnakeYAML in Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2022-38750, CVE-2022-38751, CVE-2022-38752, CVE-2022-38749)

Summary Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks DOS. While deserializing unknown yaml content can lead to remote code execution. Vulnerability Details CVEID:CVE-2022-38750 DESCRIPTION: SnakeYAML is vulnerable to a denial of service, caused by a...

6.5CVSS7.1AI score0.02091EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/27 3:10 p.m.24 views

Security Bulletin: Multiple vulnerabilities in IBM SDK, Java Technology Edition affect IBM Operations Analytics Predictive Insights

Summary Multiple vulnerabilities in IBM SDK, Java Technology Edition affect IBM Operations Analytics Predictive Insights 1.3.6 or earlier. The following vulnerabilities, CVE-2022-2154 1, CVE-2022-21540, CVE-2021-2163 allowing unauthorized access to critical data and CVE-2021-41041 allowing...

5.3CVSS7.3AI score0.03566EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/27 3:9 p.m.62 views

Security Bulletin: Multiple vulnerabilities in IBM SDK, Java Technology Edition affect IBM Operations Analytics Predictive Insights

Summary Multiple vulnerabilities in IBM SDK, Java Technology Edition affect IBM Operations Analytics Predictive Insights 1.3.6 or earlier. The following vulnerabilities, CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628 allowing unauthorized access of unauthenticated attacker with...

6.5CVSS6AI score0.02376EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/27 3:6 p.m.49 views

Security Bulletin: FasterXML-jackson-databinds vulnerabilities affect IBM Operations Analytics Predictive Insights (CVE-2022-42004,CVE-2022-42003)

Summary FasterXML-jackson-databind is used by IBM Operations Analytics Predictive Insights REST Meditation utility tool only. If you do not have this utility installed you are not affected by this bulletin, otherwise, apply the recommended remediation fixes. Vulnerability Details...

7.5CVSS7.3AI score0.02824EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/27 3:1 p.m.26 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server traditional shipped with IBM Operations Analytics Predictive Insights (CVE-2023-23477)

Summary Websphere Application Server WAS is shipped as a component of IBM Operations Analytics Predictive Insights. Information about WebSphere Application Server vulnerability CVE-2020-35282 to remote code execution has been published. Vulnerability Details Refer to the security bulletins listed...

9.8CVSS7.9AI score0.01949EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/29 1:7 p.m.35 views

Security Bulletin: Multiple vulnerabilities in Netty libraries affect IBM Operations Analytics Predictive Insights (CVE-2021-43797 CVE-2022-24823)

Summary Netty library vulnerabilities affect IBM Operations Analytics Predictive Insights CVE-2021-43797 CVE-2022-24823. Netty is used by IBM Operations Analytics Predictive Insight in the REST Mediation utility. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2021-43797...

6.5CVSS7.5AI score0.02682EPSS
Exploits1Affected Software1
Rows per page
Query Builder