Security Bulletin: A vulnerability in Apache ActiveMQ affects IBM Operations Analytics Predictive Insights (CVE-2020-13947)

Summary Apache ActiveMQ is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-13947 DESCRIPTION: Apache ActiveMQ is vulnerable to cross-site scripting, caused by improper...

Security Bulletin: Multiple vulnerabilities have been identified in IBM® Db2® which is shipped with IBM Operations Analyticsg Predictive Insights

Summary IBM® Db2® is shipped as a component of IBM Operations Analytics Predictive Insights. IBM® Db2® for Linux, UNIX and Windows includes DB2 Connect Server 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow caused by improper bounds checking, denial of service atack due to a hang in the S...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Operations Analytics Predictive Insights (CVE-2021-20353

Summary Websphere Application Server WAS is shipped as a component of IBM Operations Analytics Predictive Insights. Information about WebSphere Application Server vulnerability CVE-2021-20353 to an XML External Entity Injection XXE which could result in a denial of service attack has been publish...

Security Bulletin: Vulnerability deferred from Oracle Oct 2020 CPU for Java 8 SE may affect IBM® SDK, Java™ Technology Edition and IBM Operations Analytics Predictive Insights

Summary Vulnerability CVE-2020-14782, related to the Libraries component in IBM® SDK, Java™ Technology Edition affect IBM Operations Analytics Predictive Insights 1.3.6 and earlier. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

Security Bulletin: Vulnerability in Apache Solr affects IBM Operations Analytics - Log Analysis (CVE-2017-1000190)

Summary There is a potential XXE vulnerability in Apache Solr.. This has been addressed. Vulnerability Details CVEID: CVE-2017-1000190 DESCRIPTION: SimpleXML is vulnerable to a XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to...

Security Bulletin: Series of vulnerabilities in FasterXML jackson-databind affect Apache Solr shipped with IBM Operations Analytics - Log Analysis

Summary There are series of Deserialization of Untrusted Data vulnerabilities and Input Validation vulnerability in various versions of FasterXML jackson-databind that affect Apache Solr. The vulnerabilities are in Vulnerability Details section. Vulnerability Details CVEID: CVE-2020-11620...

Security Bulletin: Vulnerability in Apache Solr affects IBM Operations Analytics - Log Analysis (CVE-2019-17558)

Summary Apache Solr is vulnerable to Remote Code Execution. This has been addressed. Vulnerability Details CVEID: CVE-2019-17558 DESCRIPTION: Apache Solr could allow a remote attacker to execute arbitrary code on the system. By providing a Velocity template through the VelocityResponseWriter, an...

Security Bulletin: Vulnerability in jersey affect Apache Zookeeper shipped with IBM Operations Analytics - Log Analysis (CVE-2014-3643)

Summary There is a potential XXE vulnerability in jersey that affects Apache Zookeeper Vulnerability Details CVEID: CVE-2014-3643 DESCRIPTION: Jersey could allow a remote attacker to obtain sensitive information, caused by an XML external entity XXE error when processing XML data by jersey SAX...

Security Bulletin: protobuf Vulnerability in Apache Solr affect IBM Operations Analytics - Log Analysis Analysis (CVE-2015-5237)

Summary A potential Buffer Error and Out-of-Bounds Write vulnerabilities in protobuf were addressed by IBM Operations Analytics - Log Analysis. Vulnerability Details CVEID: CVE-2015-5237 DESCRIPTION: Google Protocol Buffers could allow a remote attacker to execute arbitrary code on the system,...

Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affect Apache Solr shipped with IBM Operations Analytics - Log Analysis

Summary There are vulnerabilities in various versions of Eclipse Jetty that affect Apache Solr. The vulnerabilities are in Vulnerability Details section. Vulnerability Details CVEID: CVE-2019-10246 DESCRIPTION: Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by...

Security Bulletin: Vulnerability in Apache Ant affect IBM Operations Analytics - Log Analysis Analysis (CVE-2020-1945)

Summary A vulnerability in Apache Ant which could potentially leak sensitive information was addressed by IBM Operations Analytics - Log Analysis. Vulnerability Details CVEID: CVE-2020-1945 DESCRIPTION: Apache Ant could allow a remote attacker to bypass security restrictions, caused by the use of...

Security Bulletin: Vulnerability in Bouncy Castle affect Apache Solr shipped IBM Operations Analytics - Log Analysis Analysis (CVE-2019-17359)

Summary IBM Operations Analytics - Log Analysis has addressed a vulnerability that could cause OutOfMemoryError error in Bouncy Castle. Vulnerability Details CVEID: CVE-2019-17359 DESCRIPTION: Bouncy Castle Crypto is vulnerable to a denial of service, caused by OutOfMemoryError error in ASN.1...

Security Bulletin: Vulnerability in Apache Commons Compress affect Apache Solr shipped IBM Operations Analytics - Log Analysis Analysis (CVE-2019-12402)

Summary There is a potential Resource Management vulnerability in Apache Commons Compress that affects Apache Solr Vulnerability Details CVEID: CVE-2019-12402 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an error in the internal file name encoding algorithm...

Security Bulletin: Multiple vulnerabilities in Apache Hadoop affect Apache Solr shipped with IBM Operations Analytics - Log Analysis

Summary There are vulnerabilities in various versions of Apache Hadoop that affect Apache Solr. The vulnerabilities are in Vulnerability Details section. Vulnerability Details CVEID: CVE-2018-11766 DESCRIPTION: Apache Hadoop could allow a local attacker to gain elevated privileges on the system. ...

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by an Apache Zookeeper vulnerability (CVE-2019-0201)

Summary IBM Operations Analytics - Log Analysis has addressed a potential permission vulnerability in Apache ZooKeeper. Vulnerability Details CVEID: CVE-2019-0201 DESCRIPTION: Apache ZooKeeper could allow a remote attacker to obtain sensitive information, caused by the failure to check permission...

Security Bulletin: Vulnerability in Apache Hadoop affect Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2018-11768)

Summary There is a potential Buffer Errors vulnerability in Apache Hadoop hadoop-hdfs that affects Apache Solr Vulnerability Details CVEID: CVE-2018-11768 DESCRIPTION: Apache Hadoop is vulnerable to a denial of service, caused by a mismatch in the size of the fields used to store user/group...

Security Bulletin: Apache Solr, shipped with IBM Operations Analytics - Log Analysis, susceptible to vulnerability in Apache POI (CVE-2019-12415)

Summary The XXE vulnerability in Apache POI affects Apache Solr. This has been fixed. Vulnerability Details CVEID: CVE-2019-12415 DESCRIPTION: Apache POI could allow a remote attacker to obtain sensitive information, caused by an XML external entity XXE error when processing XML data by tool...

Security Bulletin: Vulnerability in Apache PDFBox affect Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2019-0228)

Summary Apache Solr susceptible to XXE vulnerability in Apache PDFBox. This has been fixed. Vulnerability Details CVEID: CVE-2019-0228 DESCRIPTION: Apache PDFBox could allow a remote attacker to obtain sensitive information, caused by improper handling of XML External Entity XXE by the XML parser...

Security Bulletin: Multiple vulnerabilities in Bouncy Castle affects Apache Solr shipped with IBM Operations Analytics - Log Analysis

Summary There is various type of vulnerabilities in Bouncy Castle that affect Apache Solr. The list can be found at Vulnerability Details section. Vulnerability Details CVEID: CVE-2018-1000613 DESCRIPTION: Legion of the Bouncy Castle Java Cryptography APIs could allow a remote attacker to execute...

Security Bulletin: Apache Solr, shipped with IBM Operations Analytics - Log Analysis, susceptible to multiple vulnerabilities in Apache Xerces2

Summary There are vulnerabilities in Apache Xerces2 Java Parser that affect Apache Solr. The details are available in the Vulnerability Details section. Vulnerability Details CVEID: CVE-2013-4002 DESCRIPTION: A denial of service vulnerability in the Apache Xerces-J parser used by IBM Java could...