Lucene search
K

444 matches found

Vulnrichment
Vulnrichment
added 2024/03/14 6:37 p.m.15 views

CVE-2024-27265 IBM Integration Bus for z/OS cross-site request forgery

IBM Integration Bus for z/OS 10.1 through 10.1.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 284564...

4.5CVSS6.7AI score0.00239EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/14 6:37 p.m.22 views

CVE-2024-27265 IBM Integration Bus for z/OS cross-site request forgery

IBM Integration Bus for z/OS 10.1 through 10.1.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 284564...

4.5CVSS6.6AI score0.00239EPSS
Exploits0References2
CVE
CVE
added 2024/03/14 6:37 p.m.78 views

CVE-2024-27265

IBM Integration Bus for z/OS (versions 10.1–10.1.0.3) is affected by CVE-2024-27265, a cross-site request forgery in the Admin WebUI that could allow an attacker to perform malicious, unauthorized actions trusted by a user. Publications from multiple sources (IBM Security Bulletin, NVD, Red Hat, ...

6.5CVSS5.3AI score0.00239EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/03/14 12:0 a.m.2 views

IBM Integration Bus 跨站请求伪造漏洞

IBM Integration Bus IBM WebSphere Message Broker is an enterprise service bus ESB product from International Business Machines IBM. The product provides connectivity and common data transformation for Service Oriented Architecture SOA environments and non-SOA environments. A cross-site request...

6.5CVSS6.6AI score0.00239EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/13 1:18 p.m.21 views

Security Bulletin: IBM Integration Bus for z/OS Admin WebUI is vulnerable to a CSRF attack (CVE-2024-27265)

Summary IBM Integration Bus for z/OS Admin WebUI is vulnerable to a CSRF attack which could lead to arbitrary code execution. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-27265 DESCRIPTION: IBM Integration Bus for z/OS is vulnerable...

6.5CVSS6.1AI score0.00239EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/08 10:52 a.m.38 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus are vulnerable to multiple vulnerabilities in IBM Java SDK

Summary There are multiple vulnerabilities in IBM Java SDK, Java Technology Edition used by IBM App Connect Enterprise and IBM Integration Bus. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified...

7.5CVSS6.9AI score0.01026EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/27 3:2 p.m.26 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to a denial of service due to MiniZip (CVE-2023-45853)

Summary MiniZip, in IBM App Connect Enterprise and IBM Integration Bus for z/OS is vulnerable to a denial of service. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-45853 DESCRIPTION: MiniZip is vulnerable to a denial of service, caus...

9.8CVSS9.5AI score0.02918EPSS
Exploits0Affected Software2
CNVD
CNVD
added 2024/02/22 12:0 a.m.7 views

IBM Integration Bus Resource Management Error Vulnerability

IBM Integration Bus IBM WebSphere Message Broker is an enterprise service bus ESB product from International Business Machines IBM. The product provides connectivity and common data transformation for Service Oriented Architecture SOA environments and non-SOA environments. A resource management...

6.5CVSS6.4AI score0.00607EPSS
Exploits0References1
NVD
NVD
added 2024/02/09 1:15 a.m.13 views

CVE-2024-22332

The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion. IBM X-Force ID: 279972...

6.5CVSS6.3AI score0.00607EPSS
Exploits0References2
OSV
OSV
added 2024/02/09 1:15 a.m.5 views

CVE-2024-22332

The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion. IBM X-Force ID: 279972...

6.5CVSS5.8AI score0.00607EPSS
Exploits0References2
Prion
Prion
added 2024/02/09 1:15 a.m.13 views

Denial of service

The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion. IBM X-Force ID: 279972...

4CVSS6.8AI score0.00607EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/09 12:54 a.m.18 views

CVE-2024-22332 IBM Integration Bus for z/OS denial of service

The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion. IBM X-Force ID: 279972...

6.5CVSS6.5AI score0.00607EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/09 12:54 a.m.17 views

CVE-2024-22332 IBM Integration Bus for z/OS denial of service

The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion. IBM X-Force ID: 279972...

6.5CVSS6.4AI score0.00607EPSS
Exploits0References2
CVE
CVE
added 2024/02/09 12:54 a.m.79 views

CVE-2024-22332

The CVE-2024-22332 entry concerns IBM Integration Bus for z/OS AdminAPI. Affected versions are 10.1 through 10.1.0.2, with a denial-of-service risk caused by file system exhaustion. IBM’s Security Bulletin confirms the vulnerability and lists APAR IT45216 as the remediation path, with an Interim ...

6.5CVSS6.3AI score0.00607EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/02/09 12:0 a.m.5 views

IBM Integration Bus 资源管理错误漏洞

IBM Integration Bus IBM WebSphere Message Broker is an enterprise service bus ESB product from International Business Machines IBM. The product provides connectivity and common data transformation for Service Oriented Architecture SOA environments and non-SOA environments. A resource management...

6.5CVSS6.5AI score0.00607EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/07 9:45 a.m.39 views

Security Bulletin: The IBM Integration Bus for z/OS AdminAPI is vulnerable to a denial of service vulnerability (CVE-2024-22332).

Summary The IBM Integration Bus for z/OS AdminAPI is vulnerable to a denial of service vulnerability CVE-2024-22332. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-22332 DESCRIPTION: The IBM Integration Bus for z/OS AdminAPI is...

6.5CVSS6.4AI score0.00607EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/24 11:47 a.m.28 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus are vulnerable to multiple vulnerabilities in IBM Java Runtime (CVE-2023-22081, CVE-2023-22067, CVE-2023-5676)

Summary There are multiple vulnerabilities in IBM SDK, Java Technology Edition used by IBM App Connect Enterprise and IBM Integration Bus. These issues were disclosed as part of the IBM SDK, Java Technology Edition Quarterly CPU - Oct 2023. This bulletin identifies the steps to take to address th...

5.9CVSS6.1AI score0.014EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/17 11:43 a.m.28 views

Security Bulletin: IBM App Connect Enterprise Toolkit & IBM Integration Bus Toolkit are vulnerable to a remote attacker due to Apache Derby. (CVE-2022-46337)

Summary IBM App Connect Enterprise Toolkit & IBM Integration Bus Toolkit are vulnerable to a remote attacker due to Apache Derby, which affects the Derby Sample Database in the toolkit. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details...

9.8CVSS9.2AI score0.01418EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/08 3:57 p.m.32 views

Security Bulletin: IBM App Connect Enterprise Toolkit and IBM Integration Bus Toolkit are vulnerable to a remote attacker due to Eclipse JGit (CVE-2023-4759)

Summary Windows users of the Eclipse eGit feature in IBM App Connect Enterprise Toolkit and IBM Integration Bus Toolkit are vulnerable to a remote attacker. Vulnerability Details CVEID:CVE-2023-4759 DESCRIPTION: Eclipse JGit could allow a remote attacker to execute arbitrary code on the system,...

8.8CVSS8.8AI score0.01884EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/03 2:43 p.m.40 views

Security Bulletin: IBM Integration Bus is vulnerable to HTTP request smuggling and a denial of service due to Apache Tomcat. (CVE-2023-46589, CVE-2023-42794)

Summary IBM Integration Bus is vulnerable to HTTP request smuggling and a denial of service due to Apache Tomcat. Vulnerability Details CVEID:CVE-2023-46589 DESCRIPTION: Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP trailer headers. By sending a...

7.5CVSS7AI score0.02651EPSS
Exploits0Affected Software1
Rows per page
Query Builder