Security Bulletin: IBM OpenPages for Cloud Pak for Data is vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105 and CVE-2021-45046)

Summary Multiple vulnerabilities in the Apache Log4j CVE-2021-45105 and CVE-2021-45046 open source library used by IBM OpenPages for IBM Cloud Pak for Data's logging framework. The fix includes Apache Log4j 12.17.1. Vulnerability Details CVEID:CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerabl...

Security Bulletin: IBM OpenPages with Watson is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2019-17571)

Summary There is a vulnerability in the Apache Log4j open source library CVE-2019-17571 used by IBM OpenPages with Watson. This affects the IBM OpenPages logging framework. The remediation fix includes Apache Log4j v2.17. Vulnerability Details CVEID:CVE-2019-17571 DESCRIPTION: Apache Log4j could...

Security Bulletin: IBM OpenPages with Watson has addressed Apache Log4j vulnerability (CVE-2021-4104)

Summary There is a vulnerability in the Apache Log4j open source library used by IBM OpenPages with Watson. This affects the IBM OpenPages logging framework. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2021-4104 DESCRIPTION: Apache Log4j could allow a remote attacker t...

Security Bulletin: IBM OpenPages with Watson has addressed multiple security vulnerabilities in Apache Log4j (CVE-2021-45105, CVE-2021-45046)

Summary Multiple vulnerabilities in the Apache Log4j open source library used by IBM OpenPages with Watson. This impacts the IBM OpenPages logging framework. These vulnerabilities have been addressed. Vulnerability Details CVEID: CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerable to a denial ...

Security Bulletin: IBM OpenPages for IBM Cloud Pak for Data has addressed Apache Log4j vulnerability (CVE-2021-44228)

Summary There is a vulnerability in the Apache Log4j open source library used by IBM OpenPages for IBM Cloud Pak for Data. This affects the IBM OpenPages logging framework. This vulnerability CVE-2021-44228 has been addressed. Customers are encouraged to take action and upgrade. Vulnerability...

Security Bulletin: IBM OpenPages with Watson has addressed security vulnerability in Apache Log4j (CVE-2021-44228)

Summary There is a vulnerability in the Apache Log4j open source library used by IBM OpenPages with Watson. This affects the IBM OpenPages logging framework. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker ...

IBM OpenPages with Watson Arbitrary Code Execution Vulnerability

IBM OpenPages with Watson is an AI-driven solution for financial risk analysis. The platform is based on AI technology to predict risk factors and minimize risk in financial activities by integrating, automatically identifying, measuring, monitoring, analyzing, and managing risk data through step...

CVE-2021-29907

IBM OpenPages with Watson 8.1 and 8.2 could allow an authenticated user to upload a file that could execute arbitrary code on the system. IBM X-Force ID: 207633...

CVE-2021-29907

IBM OpenPages with Watson 8.1 and 8.2 could allow an authenticated user to upload a file that could execute arbitrary code on the system. IBM X-Force ID: 207633...

CVE-2021-29907

IBM OpenPages with Watson versions 8.1–8.2 are affected by CVE-2021-29907, where an authenticated user can upload a file that leads to arbitrary code execution. Root cause is tied to the upload functionality permitting code execution. Remediation provided by IBM fixes: 8.2 Fix Pack 2 (8.2.0.2) or...

CVE-2021-29907

IBM OpenPages with Watson 8.1 and 8.2 could allow an authenticated user to upload a file that could execute arbitrary code on the system. IBM X-Force ID: 207633...

PT-2021-18539 · Ibm · Ibm Openpages With Watson

Name of the Vulnerable Software and Affected Versions: IBM OpenPages with Watson versions 8.1 through 8.2 Description: The issue allows an authenticated user to upload a file that could execute arbitrary code on the system. Recommendations: For versions 8.1 and 8.2, update to a version that...

Security Bulletin: IBM OpenPages with Watson has addressed a remote code execution vulnerability (CVE-2021-29907)

Summary An issue was found within the IBM OpenPages with Watson that could allow an authenticated user to upload a file that could execute arbitrary code. Vulnerability Details CVEID: CVE-2021-29907 DESCRIPTION: IBM OpenPages with Watson could allow an authenticated user to upload a file that cou...

IBM OpenPages with Watson 代码问题漏洞

IBM OpenPages with Watson is an AI-driven solution for financial risk analysis. The platform is based on AI technology to predict risk factors and minimize risk in financial activities by integrating, automatically identifying, measuring, monitoring, analyzing, and managing risk data through step...

Unspecified Vulnerability in IBM OpenPages GRC Platform

IBM OpenPages GRC Platform is a suite of platforms for managing enterprise risk and compliance from IBM in the United States. The platform provides a set of core services and functional components that cover the risk and compliance domain including operational risk, policy and compliance, financi...

OpenPages GRC Platform Cross-Site Scripting Vulnerability (CNVD-2021-34717)

OpenPages with Watson is an AI-powered financial risk analytics solution. The platform is based on AI technology to predict risk factors and minimize risks in financial activities by integrating, automatically identifying, measuring, monitoring, analyzing, and managing risk data through a number ...

CVE-2020-4536

IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182907...

CVE-2020-4535

IBM OpenPages GRC Platform 8.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182906...

CVE-2020-4536

IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182907...

CVE-2020-4535

IBM OpenPages GRC Platform 8.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182906...