444 matches found
CVE-2024-27265 IBM Integration Bus for z/OS cross-site request forgery
IBM Integration Bus for z/OS 10.1 through 10.1.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 284564...
CVE-2024-27265 IBM Integration Bus for z/OS cross-site request forgery
IBM Integration Bus for z/OS 10.1 through 10.1.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 284564...
CVE-2024-27265
IBM Integration Bus for z/OS (versions 10.1–10.1.0.3) is affected by CVE-2024-27265, a cross-site request forgery in the Admin WebUI that could allow an attacker to perform malicious, unauthorized actions trusted by a user. Publications from multiple sources (IBM Security Bulletin, NVD, Red Hat, ...
IBM Integration Bus 跨站请求伪造漏洞
IBM Integration Bus IBM WebSphere Message Broker is an enterprise service bus ESB product from International Business Machines IBM. The product provides connectivity and common data transformation for Service Oriented Architecture SOA environments and non-SOA environments. A cross-site request...
Security Bulletin: IBM Integration Bus for z/OS Admin WebUI is vulnerable to a CSRF attack (CVE-2024-27265)
Summary IBM Integration Bus for z/OS Admin WebUI is vulnerable to a CSRF attack which could lead to arbitrary code execution. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-27265 DESCRIPTION: IBM Integration Bus for z/OS is vulnerable...
Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus are vulnerable to multiple vulnerabilities in IBM Java SDK
Summary There are multiple vulnerabilities in IBM Java SDK, Java Technology Edition used by IBM App Connect Enterprise and IBM Integration Bus. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified...
Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to a denial of service due to MiniZip (CVE-2023-45853)
Summary MiniZip, in IBM App Connect Enterprise and IBM Integration Bus for z/OS is vulnerable to a denial of service. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-45853 DESCRIPTION: MiniZip is vulnerable to a denial of service, caus...
IBM Integration Bus Resource Management Error Vulnerability
IBM Integration Bus IBM WebSphere Message Broker is an enterprise service bus ESB product from International Business Machines IBM. The product provides connectivity and common data transformation for Service Oriented Architecture SOA environments and non-SOA environments. A resource management...
CVE-2024-22332
The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion. IBM X-Force ID: 279972...
CVE-2024-22332
The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion. IBM X-Force ID: 279972...
Denial of service
The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion. IBM X-Force ID: 279972...
CVE-2024-22332 IBM Integration Bus for z/OS denial of service
The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion. IBM X-Force ID: 279972...
CVE-2024-22332 IBM Integration Bus for z/OS denial of service
The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion. IBM X-Force ID: 279972...
CVE-2024-22332
The CVE-2024-22332 entry concerns IBM Integration Bus for z/OS AdminAPI. Affected versions are 10.1 through 10.1.0.2, with a denial-of-service risk caused by file system exhaustion. IBM’s Security Bulletin confirms the vulnerability and lists APAR IT45216 as the remediation path, with an Interim ...
IBM Integration Bus 资源管理错误漏洞
IBM Integration Bus IBM WebSphere Message Broker is an enterprise service bus ESB product from International Business Machines IBM. The product provides connectivity and common data transformation for Service Oriented Architecture SOA environments and non-SOA environments. A resource management...
Security Bulletin: The IBM Integration Bus for z/OS AdminAPI is vulnerable to a denial of service vulnerability (CVE-2024-22332).
Summary The IBM Integration Bus for z/OS AdminAPI is vulnerable to a denial of service vulnerability CVE-2024-22332. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-22332 DESCRIPTION: The IBM Integration Bus for z/OS AdminAPI is...
Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus are vulnerable to multiple vulnerabilities in IBM Java Runtime (CVE-2023-22081, CVE-2023-22067, CVE-2023-5676)
Summary There are multiple vulnerabilities in IBM SDK, Java Technology Edition used by IBM App Connect Enterprise and IBM Integration Bus. These issues were disclosed as part of the IBM SDK, Java Technology Edition Quarterly CPU - Oct 2023. This bulletin identifies the steps to take to address th...
Security Bulletin: IBM App Connect Enterprise Toolkit & IBM Integration Bus Toolkit are vulnerable to a remote attacker due to Apache Derby. (CVE-2022-46337)
Summary IBM App Connect Enterprise Toolkit & IBM Integration Bus Toolkit are vulnerable to a remote attacker due to Apache Derby, which affects the Derby Sample Database in the toolkit. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details...
Security Bulletin: IBM App Connect Enterprise Toolkit and IBM Integration Bus Toolkit are vulnerable to a remote attacker due to Eclipse JGit (CVE-2023-4759)
Summary Windows users of the Eclipse eGit feature in IBM App Connect Enterprise Toolkit and IBM Integration Bus Toolkit are vulnerable to a remote attacker. Vulnerability Details CVEID:CVE-2023-4759 DESCRIPTION: Eclipse JGit could allow a remote attacker to execute arbitrary code on the system,...
Security Bulletin: IBM Integration Bus is vulnerable to HTTP request smuggling and a denial of service due to Apache Tomcat. (CVE-2023-46589, CVE-2023-42794)
Summary IBM Integration Bus is vulnerable to HTTP request smuggling and a denial of service due to Apache Tomcat. Vulnerability Details CVEID:CVE-2023-46589 DESCRIPTION: Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP trailer headers. By sending a...