281 matches found
Security Bulletin: Vulnerability in IBM® SDK, Java™ Technology Edition may affect IBM Operations Analytics Predictive Insights
Summary IBM Operations Analytics Predictive Insights uses BM® SDK, Java™ Technology Edition, and vulnerability CVE-2022-40609 may expose Java process to a variety of malicious attacks Vulnerability Details CVEID:CVE-2022-40609 DESCRIPTION: IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 cou...
Security Bulletin: Multiple vulnerabilities in IBM DB2 affect IBM Operations Analytics Predictive Insights
Summary There are multiple vulnerabilities in IBM® DB2 used by IBM Operations Analytics Predictive Insights 1.3.6 and earlier. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs CVE-2023-30447, CVE-2023-30446, CVE-2023-30443, CVE-2023-30448, CVE-2023-30445,...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server which is a component of IBM Operations Analytics Predictive Insights
Summary Websphere Application Server WAS is a component of IBM Operations Analytics Predictive Insights. Multiple vulnerabilities in Websphere Application Server WAS 8.5 and 9.0 affect IBM Operations Analytics Predictive Insights 1.3.6 or earlier. Information about the following relevant...
Security Bulletin: Vulnerability in Google gson 2.2.4 libraries (CVE-2022-25647) affects IBM Operations Analytics Predictive Insights
Summary IBM Operations Analytics Predictive Insights uses Google gson libraries for serialization/deserialization of objects in REST mediation service. A security vulnerability in versions prior to gson 2.8.9. could be exploited to compromise Operations Analytics Predictive Insights services...
Security Bulletin: Denial of Service Vulnerability in Apache Solr used by IBM Operations Analytics - Log Analysis
Summary There is a potential denial of service in Apache Solr that is used by IBM Operations Analytics - Log Analysis Vulnerability Details IBM X-Force ID: 216835 DESCRIPTION: Apache Lucene is vulnerable to a denial of service. By sending a specific regular expression query, a remote attacker cou...
Security Bulletin: Vulnerability from log4j-1.2.16.jar affect IBM Operations Analytics - Log Analysis (CVE-2023-26464)
Summary log4j-1.2.16.jar is vulnerable and it is shipped in Log Analysis. The fix includes Apache Log4j core 2.17.1 Vulnerability Details CVEID:CVE-2023-26464 DESCRIPTION: Apache Log4j is vulnerable to a denial of service, caused by a flaw when using the Chainsaw or SocketAppender components. By...
Security Bulletin: A vulnerability in IBM SDK, Java Technology Edition affect IBM Operations Analytics Predictive Insights
Summary A security vulnerability in IBM SDK, Java Technology Edition affects IBM Operations Analytics Predictive Insights 1.3.6 or earlier. IBM Java versions 8.0.7.0 - 8.0.7.11 are vulnerable to crypto attacks. This vulnerability has been addressed. Vulnerability Details Refer to the security...
Security Bulletin: Vulnerability from Google Gson affect IBM Operations Analytics - Log Analysis (CVE-2022-25647)
Summary Google Gson shipped with Log Analysis is vulnerable to denial of service Vulnerability Details CVEID:CVE-2022-25647 DESCRIPTION: Google Gson is vulnerable to a denial of service, caused by the deserialization of untrusted data. By using the writeReplace method, a remote attacker could...
Security Bulletin: Denial of Service in Apache Commons used by WebSphere Application Server affect IBM Operations Analytics - Log Analysis (CVE-2023-24998)
Summary There is a vulnerability in the Apache Commons FileUpload library used by IBM WebSphere Application Server Liberty. Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limit the number of request...
Security Bulletin: Multiple Vulnerabilities in Google Protocol Buffer affect IBM Operations Analytics - Log Analysis (CVE-2022-3509, CVE-2022-3510)
Summary A parsing issue in Google Protocol Buffer shipped with IBM Operations Analytics - Log Analysis can lead to a denial of service attack. Vulnerability Details CVEID:CVE-2022-3510 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing...
Security Bulletin: Multiple vulnerabilities affect Apache Ant shipped with IBM Operations Analytics - Log Analysis
Summary There are vulnerabilities in Apache Ant. The vulnerabilities are in Vulnerability Details section. Vulnerability Details CVEID:CVE-2021-36373 DESCRIPTION: Apache Ant is vulnerable to a denial of service, caused by an out-of-memory error when large amounts of memory are allocated. By...
Security Bulletin: Multiple Vulnerabilities related to SnakeYAML in Logstash shipped with IBM Operations Analytics - Log Analysis
Summary Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks DOS. While deserializing unknown yaml content can lead to remote code execution. Vulnerability Details CVEID:CVE-2022-25857 DESCRIPTION: Java package org.yaml:snakeyam is vulnerable to a denial of...
Security Bulletin: Vulnerability from Apache Calcite affect IBM Operations Analytics - Log Analysis (CVE-2022-39135)
Summary In Apache Calcite, the SQL operators do not restrict XML External Entity references in their configuration. This makes them vulnerable to a potential XML External Entity XXE attack. Vulnerability Details CVEID:CVE-2022-39135 DESCRIPTION: Apache Calcite is vulnerable to an XML external...
Security Bulletin: Multiple Vulnerabilities in Google Protocol Buffer affect IBM Operations Analytics - Log Analysis (CVE-2022-3509, CVE-2022-3171)
Summary A parsing issue in Google Protocol Buffer shipped with IBM Operations Analytics - Log Analysis can lead to a denial of service attack. Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing...
Security Bulletin: Multiple Vulnerabilities related to SnakeYAML in Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2022-38750, CVE-2022-38751, CVE-2022-38752, CVE-2022-38749)
Summary Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks DOS. While deserializing unknown yaml content can lead to remote code execution. Vulnerability Details CVEID:CVE-2022-38750 DESCRIPTION: SnakeYAML is vulnerable to a denial of service, caused by a...
Security Bulletin: Multiple vulnerabilities in IBM SDK, Java Technology Edition affect IBM Operations Analytics Predictive Insights
Summary Multiple vulnerabilities in IBM SDK, Java Technology Edition affect IBM Operations Analytics Predictive Insights 1.3.6 or earlier. The following vulnerabilities, CVE-2022-2154 1, CVE-2022-21540, CVE-2021-2163 allowing unauthorized access to critical data and CVE-2021-41041 allowing...
Security Bulletin: Multiple vulnerabilities in IBM SDK, Java Technology Edition affect IBM Operations Analytics Predictive Insights
Summary Multiple vulnerabilities in IBM SDK, Java Technology Edition affect IBM Operations Analytics Predictive Insights 1.3.6 or earlier. The following vulnerabilities, CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628 allowing unauthorized access of unauthenticated attacker with...
Security Bulletin: FasterXML-jackson-databinds vulnerabilities affect IBM Operations Analytics Predictive Insights (CVE-2022-42004,CVE-2022-42003)
Summary FasterXML-jackson-databind is used by IBM Operations Analytics Predictive Insights REST Meditation utility tool only. If you do not have this utility installed you are not affected by this bulletin, otherwise, apply the recommended remediation fixes. Vulnerability Details...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server traditional shipped with IBM Operations Analytics Predictive Insights (CVE-2023-23477)
Summary Websphere Application Server WAS is shipped as a component of IBM Operations Analytics Predictive Insights. Information about WebSphere Application Server vulnerability CVE-2020-35282 to remote code execution has been published. Vulnerability Details Refer to the security bulletins listed...
Security Bulletin: Multiple vulnerabilities in Netty libraries affect IBM Operations Analytics Predictive Insights (CVE-2021-43797 CVE-2022-24823)
Summary Netty library vulnerabilities affect IBM Operations Analytics Predictive Insights CVE-2021-43797 CVE-2022-24823. Netty is used by IBM Operations Analytics Predictive Insight in the REST Mediation utility. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2021-43797...