356 matches found
Security Bulletin: Multiple vulnerabilities in Netty libraries affect IBM Operations Analytics Predictive Insights (CVE-2021-43797 CVE-2022-24823)
Summary Netty library vulnerabilities affect IBM Operations Analytics Predictive Insights CVE-2021-43797 CVE-2022-24823. Netty is used by IBM Operations Analytics Predictive Insight in the REST Mediation utility. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2021-43797...
Security Bulletin: A Kafka vulnerability affects IBM Operations Analytics Predictive Insights (CVE-2022-34917 )
Summary Kafka vulnerability affects IBM Operations Analytics Predictive Insights CVE-2022-34917. Kafka is used by IBM Operations Analytics Predictive Insight in the data ingestion and processing services. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2022-34917...
Security Bulletin: An Apache-Spark vulnerability affects IBM Operations Analytics Predictive Insights (PVR0342171 )
Summary An Apache-Spark vulnerability affects IBM Operations Analytics Predictive Insights PVR0342171. Apache-Spark is used by IBM Operations Analytics Predictive Insight in the data processing services. The vulnerabilities have been addressed. Vulnerability Details Refer to the security bulletin...
Security Bulletin: A vulnerability in IBM WebSphere Application Server Liberty profile affects IBM Operations Analytics Predictive Insights(CVE-2022-22393 CVE-2022-22476 CVE-2022-22475)
Summary Websphere Application Server Liberty profile is used in the UI component of IBM Operations Analytics Predictive Insights. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2022-22476 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and...
Security Bulletin: Multiple vulnerabilities in IBM SDK, Java Technology Edition affect IBM Operations Analytics Predictive Insights
Summary Multiple vulnerabilities in IBM SDK, Java Technology Edition affect IBM Operations Analytics Predictive Insights 1.3.6 or earlier. The following vulnerabilities have been addressed: CVE-2021-35550, CVE-2021-35603 causing no confidentiality impact , CVE-2022-21248, CVE-2022-21291,...
Security Bulletin: Apache Commons Text and Apache Commons Configuration vulnerabilities affects IBM Operations Analytics Predictive Insights [CVE-2022-42889, CVE-2022-33980]
Summary Apache Commons Text and Apache Commons Configuration vulnerabilities affects IBM Operations Analytics Predictive Insights CVE-2022-42889, CVE-2022-33980. Apache Commons Text and Apache Commons Configuration is used by IBM Operations Analytics Predictive Insight REST Mediation Service, par...
Security Bulletin: Information disclosure in FasterXML Jackson Dataformats affect IBM Operations Analytics - Log Analysis (CVE-2020-28491)
Summary FasterXML jackson-dataformat-cbor is susceptible to denial of service, caused by java.lang.OutOfMemoryError exception. Vulnerability Details CVEID:CVE-2020-28491 DESCRIPTION: FasterXML jackson-dataformats-binary is vulnerable to a denial of service, caused by an unchecked allocation of by...
Security Bulletin: Vulnerabilities in Apache Hadoop affect IBM Operations Analytics - Log Analysis (CVE-2022-26612, CVE-2022-25168)
Summary Multiple vulnerabilities in Apache Hadoop affect IBM Operations Analytics - Log Analysis. This has been fixed. The vulnerabilities are in Vulnerability Details section. Vulnerability Details CVEID:CVE-2022-26612 DESCRIPTION: Apache Hadoop for Windows could allow a remote attacker to bypas...
Security Bulletin: Potential vulnerability in Apache Calcite Avatica affects IBM Operations Analytics - Log Analysis (CVE-2022-36364)
Summary Prior to version 1.22.0 vulnerability in Apache Calcite Avatica allow a remote attacker to execute arbitrary code on the system. This has been fixed. Vulnerability Details CVEID:CVE-2022-36364 DESCRIPTION: Apache Calcite Avatica could allow a remote attacker to execute arbitrary code on t...
Security Bulletin: Multiple vulnerabilities in Data-Binding for Jackson shipped with IBM Operations Analytics - Log Analysis
Summary There are multiple vulnerabilities in various versions of Data-Binding functionality for Jackson that affect IBM Operations Analytics - Log Analysis. It has been fixed. The vulnerabilities are listed in the Vulnerability Details section below. Vulnerability Details CVEID:CVE-2020-25649...
Security Bulletin: Vulnerability in Apache Commons Text used by Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2022-42889)
Summary There is a potential vulnerability in Apache Commons Text that could allow remote attacker to execute arbitrary code. This has been fixed. Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache Commons Text could allow a remote attacker to execute arbitrary code on the system,...
Security Bulletin: IBM Operations Analytics - Log Analysis susceptible to vulnerability in Apache Tika (CVE-2022-25169)
Summary Apache Tika shipped with IBM Operations Analytics - Log Analysis is vulnerable to denial of service,. This has been fixed. Vulnerability Details CVEID:CVE-2022-25169 DESCRIPTION: Apache Tika is vulnerable to a denial of service, caused by improper input validation in the BPG parser. By...
Security Bulletin: Potential Vulnerability in Apache HttpClient used by Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2020-13956)
Summary There is a potential vulnerability in Apache HttpClient that could allow remote attacker to bypass security restrictions Vulnerability Details CVEID:CVE-2020-13956 DESCRIPTION: Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling...
Security Bulletin: Vulnerability in Bouncy Castle used by Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2017-13098)
Summary There is a potential vulnerability that could allow attacker obtain sensitive information in Bouncy Castle TLS used by Logstash Vulnerability Details CVEID:CVE-2017-13098 DESCRIPTION: Bouncy Castle could allow a remote attacker to obtain sensitive information, caused by an RSA Adaptive...
Security Bulletin: Vulnerabilities in SnakeYAML used by Logstash affects IBM Operations Analytics - Log Analysis (CVE-2022-25857, CVE-2017-18640)
Summary Multiple vulnerabilities in SnakeYAML affects IBM Operations Analytics - Log Analysis. It has been fixed. The vulnerabilities are in the Vulnerability Details section. Vulnerability Details CVEID:CVE-2022-25857 DESCRIPTION: Java package org.yaml:snakeyam is vulnerable to a denial of...
Security Bulletin: Vulnerability from Apache Kafka affect IBM Operations Analytics - Log Analysis (CVE-2018-17196)
Summary Apache Kafka is vulnerable to improper input validation that could allow remote attacker to bypass security restrictions. Vulnerability Details CVEID:CVE-2018-17196 DESCRIPTION: Apache Kafka could allow a remote authenticated attacker to bypass security restrictions, caused by improper...
Security Bulletin: Potential vulnerability in Apache Commons Configuration affect IBM Operations Analytics - Log Analysis (CVE-2022-33980)
Summary Vulnerability in Apache Commons Configuration could allow remote attacker to execute arbitrary code on the system. This has been fixed. Vulnerability Details CVEID:CVE-2022-33980 DESCRIPTION: Apache Commons Configuration could allow a remote attacker to execute arbitrary code on the syste...
Security Bulletin: Potential vulnerability in Eclipse Jetty affects IBM Operations Analytics - Log Analysis (CVE-2022-2047)
Summary The vulnerability in Eclipse Jetty allows bypass security restrictions. This has been addressed. Vulnerability Details CVEID:CVE-2022-2047 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the HttpURI class. By...
Security Bulletin: IBM Operations Analytics - Log Analysis vulnerable to multiple vulnerabilities in Apache Tika (CVE-2022-30126, CVE-2022-33879, CVE-2022-30973)
Summary Multiple vulnerabilities in Apache Tika affect IBM Operations Analytics - Log Analysis. This has been fixed. The vulnerabilities are in Vulnerability Details section. Vulnerability Details CVEID:CVE-2022-30973 DESCRIPTION: Apache Tika is vulnerable to a denial of service, caused by a...
Security Bulletin: IBM Operations Analytics Predictive Insights impacted by Apache Log4j vulnerabilities (CVE-2022-23305)
Summary IBM Operations Analytics Predictive Insights is affected by the Apache Log4j vulnerability through the JDBCAppender in Log4j 1.2.x which accepts a SQL statement as a configuration parameter. When JDBCAppender is specifically configured to use, malicious values could be inserted. This allo...