Security Bulletin: A vulnerability in Apache Solr affects IBM Operations Analytics - Log Analysis Analysis (CVE-2018-10237)

Summary A vulnerability on unbounded memory allocation was addressed by IBM Operations Analytics - Log Analysis. Vulnerability Details CVEID: CVE-2018-10237 DESCRIPTION: Google Guava is vulnerable to a denial of service, caused by improper eager allocation checks in the AtomicDoubleArray and...

Security Bulletin: dom4j Vulnerability in Apache Solr shipped with IBM Operations Analytics - Log Analysis Analysis (CVE-2018-1000632)

Summary There is an XML Injection vulnerability in dom4j that affects Apache Solr. Vulnerability Details CVEID: CVE-2018-1000632 DESCRIPTION: dom4j could allow a remote attacker to execute arbitrary code on the system, caused by improper input validation in multiple methods. By sending a...

Security Bulletin: Multiple vulnerabilities in Apache Tika affects Apache Solr shipped with IBM Operations Analytics - Log Analysis

Summary There are different types of vulnerabilities in various versions of Apache Tika that affect Apache Solr. The vulnerabilities are in Vulnerability Details section. Vulnerability Details CVEID: CVE-2018-11761 DESCRIPTION: Apache Tika is vulnerable to a denial of service, caused by the failu...

Security Bulletin: Vulnerability with Apache Tika in Apache Solr affects IBM Operations Analytics - Log Analysis Analysis (CVE-2018-8017)

Summary There is a potential vulnerability in Apache Tika that affects Apache Solr Vulnerability Details CVEID: CVE-2018-8017 DESCRIPTION: Apache Tika is vulnerable to a denial of service, caused by an error in the IptcAnpaParser. By persuading a victim to open a specially crafted file, a remote...

Security Bulletin: Vulnerability in Apache PDFBox affect Apache Solr shipped IBM Operations Analytics - Log Analysis Analysis (CVE-2018-11797)

Summary There is a potential Input Validation vulnerability in Apache PDFBox that affects Apache Solr. Vulnerability Details CVEID: CVE-2018-11797 DESCRIPTION: Apache PDFBox is vulnerable to a denial of service, caused by a flaw when parsing the page tree. By persuading a victim to open a...

Security Bulletin: Vulnerability in Apache PDFBox affects Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2018-8036)

Summary There is a potential Resource Exhaustion vulnerability in Apache PDFBox that affects Apache Solr. Vulnerability Details CVEID: CVE-2018-8036 DESCRIPTION: Apache PDFBox is vulnerable to a denial of service, caused by an out of memory exception in AFMParser. By persuading a victim to open a...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Operations Analytics Predictive Insights (CVE-2020-4949)

Summary Websphere Application Server WAS is shipped as a component of IBM Operations Analytics Predictive Insights. Information about WebSphere Application Server vulnerability to an XML External Entity Injection XXE attack when processing XML data CVE-2020-4949 has been published in a security...

Security Bulletin: Multiple vulnerabilities in affect IBM® SDK, Java™ Technology Edition may affect IBM Operations Analytics Predictive Insights

Summary Multiple vulnerabilities CVE-2020-14803, CVE-2020-27221 in IBM® SDK, Java™ Technology Edition affect IBM Operations Analytics Predictive Insights 1.3.6 and earlier and were disclosed as part of the IBM SDK, Java Technology Edition Quarterly CPU - Jan 2021. Vulnerability Details Refer to t...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server traditional shipped with IBM Operations Analytics Predictive Insights (CVE-2020-4629)

Summary Websphere Application Server WAS is shipped as a component of IBM Operations Analytics Predictive Insights. Information about WebSphere Application Server vulnerability CVE-2020-4629 through exploiting access to FFDC logs file on the server has been published in a security bulletin...

Security Bulletin: Multiple vulnerabilities in IBM Java SE, Java SE Embedded affects IBM Operations Analytics Predictive Insights

Summary Multiple security vulnerablities in Java SE, Java SE Embedded product of Oracle Java SE components: Serialization, Hotspot, Libraries were disclosed as part of their October 2020 Critical Patch Update. Those vulnerabilities affect IBM Operations Analytics Predictive Insights 1.3.6 and...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server traditional shipped with IBM Operations Analytics Predictive Insights (CVE-2020-4782)

Summary Websphere Application Server WAS is shipped as a component of IBM Operations Analytics Predictive Insights. Information about WebSphere Application Server directory traversal security vulnerability information disclosure CVE-2020-4782 has been published in a security bulletin. Vulnerabili...

Security Bulletin: A vulnerabily in IBM Java SDK security component affects IBM Operations Analytics Predictive Insights

Summary Vulnerability in the IBM® SDK, Java™ Technology Edition, Java SE Embedded product of Oracle Java SE component: Security was disclosed as part of the Oracle January 2020 Critical Patch Update. Vulnerability Details CVEID: CVE-2020-2590 DESCRIPTION: An unspecified vulnerability in Java SE...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server traditional shipped with IBM Operations Analytics

Summary Websphere Application Server WAS is shipped as a component of IBM Operations Analytics Predictive Insights. Information about WebSphere Application Server security vulnerability to sensitive information disclosure CVE-2020-4576 has been published in a security bulletin. Vulnerability...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server traditional shipped with IBM Operations Analytics

Summary Websphere Application Server WAS is shipped as a component of IBM Operations Analytics Predictive Insights. Information about WebSphere Application Server traditional Admin Console cross-site scripting security vulnerability information disclosure CVE-2020-4578 has been published in a...

Security Bulletin: Security vulnerability has been identified in DB2 which is shipped with IBM Operations Analyticsg Predictive Insights

Summary IBM DB2 is shipped as a component of IBM Operations Analytics Predictive Insights. IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking. Information about the security vulnerability...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server traditional shipped with IBM Operations Analytics

Summary Websphere Application Server WAS is shipped as a component of IBM Operations Analytics Predictive Insights. Information about WebSphere Application Server security vulnerability to an information disclosure CVE-2020-4643 has been published in a security bulletin. Vulnerability Details Ref...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server traditional shipped with IBM Operations Analytics

Summary Websphere Application Server WAS is shipped as a component of IBM Operations Analytics Predictive Insights. Information about WebSphere Application Server security vulnerability CVE-2019-17566 due to Apache Batik vulnerability has been published in a security bulletin. Vulnerability Detai...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server traditional shipped with IBM Operations Analytics

Summary Websphere Application Server WAS is shipped as a component of IBM Operations Analytics Predictive Insights. Information about WebSphere Application Server security vulnerability CVE-2020-4589 to a remote code execution has been published in a security bulletin. Vulnerability Details Refer...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jul 2020 - Includes Oracle Jul 2020 CPU vulnerability

Summary Vulnerability exposure CVE-2020-14577 from Oracle Jul 2020 QuarterlyCPU in IBM® SDK Java™ may affect Java SDK used in IBM Operations Analytics Predictive Insights 1.3.3, 1.3.3.5, 1.3.6. IBM Operations Analytics Predictive Insights has addressed the applicable CVE. Vulnerability Details...

Security Bulletin: Vulnerability related to unauthenticated uploads in Apache Solr affect IBM Operations Analytics - Log Analysis (CVE-2020-13957)

Summary Unauthenticated configset uploads vulnerability in Apache Solr affects IBM Operations Analytics - Log Analysis have been addressed. Vulnerability Details CVEID: CVE-2020-13957 DESCRIPTION: Apache Solr could allow a remote attacker to bypass security restrictions, caused by improper access...