Lucene search
K

131 matches found

Positive Technologies
Positive Technologies
added 2025/10/01 12:0 a.m.10 views

PT-2025-40276

Name of the Vulnerable Software and Affected Versions IBM Transformation Extender Advanced version 10.0.1 Description The software does not enforce strong passwords by default, potentially simplifying account compromise by attackers. Recommendations Ensure users are required to use strong passwor...

7.5CVSS6.5AI score0.00255EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/03 8:57 a.m.3 views

Security Bulletin: IBM Sterling Transformation Extender is affected by multiple IBM Java 8 vulnerabilities

Summary IBM Sterling Transformation Extender uses IBM SDK, Java Technology Edition, Version 8. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality and high...

7.8CVSS7.2AI score0.0073EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/07 6:27 a.m.14 views

Security Bulletin: IBM Sterling Transformation Extender is affected by multiple IBM Java 17 vulnerabilities

Summary IBM Sterling Transformation Extender uses IBM SDK, Java Technology, version 17. Vulnerability Details CVEID:CVE-2024-21085 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause low availability impacts. CVSS Source: IBM...

7.3CVSS6.7AI score0.01276EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/13 11:22 a.m.28 views

Security Bulletin: IBM Sterling Transformation Extender is affected by multiple IBM Java 8 vulnerabilities

Summary IBM Sterling Transformation Extender uses IBM SDK, Java Technology, version 8. Vulnerability Details CVEID:CVE-2024-21147 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause high confidentiality, high integrity impacts...

7.4CVSS6.7AI score0.01257EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/20 8:51 a.m.15 views

Security Bulletin: IBM Transformation Extender Advanced v10.0.x is affected by a IBM WebSphere Application Server Liberty vulnerability

Summary IBM Transformation Extender Advanced, also known as IBM Standards Processing Engine, is vulnerable to IBM WebSphere Application Server Liberty's server-side request forgery vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affecte...

4.3CVSS5.5AI score0.00302EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/19 4:26 p.m.15 views

Security Bulletin: IBM Transformation Extender Advanced v10.0.x is affected by a IBM WebSphere Application Server Liberty vulnerability

Summary IBM Transformation Extender Advanced, also known as IBM Standards Processing Engine, is vulnerable to IBM WebSphere Application Server Liberty's denial of service vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products...

7.5CVSS6.1AI score0.00792EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/19 11:9 a.m.25 views

Security Bulletin: IBM Transformation Extender Advanced v10.0.x is affected by a IBM WebSphere Application Server Liberty vulnerability

Summary IBM Transformation Extender Advanced, also known as IBM Standards Processing Engine, is vulnerable to IBM WebSphere Application Server Liberty's XML External Entity XXE injection vulnerability Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

7CVSS7AI score0.00649EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/12 7:54 p.m.17 views

Security Bulletin: IBM Transformation Extender Advanced v10.0.x is affected by a IBM WebSphere Application Server Liberty vulnerability

Summary IBM Transformation Extender Advanced, also known as IBM Standards Processing Engine, is vulnerable to IBM WebSphere Application Server Liberty information disclosure vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected...

7.5CVSS7.2AI score0.00254EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/12 7:23 p.m.29 views

Security Bulletin: IBM Transformation Extender Advanced is affected by a vulnerability in its dependencies

Summary IBM Transformation Extender Advanced, also known as IBM Standards Processing Engine, is vulnerable in it's dependencies on Apache Commons FileUpload Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused b...

7.5CVSS7.5AI score0.46836EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/12 11:9 a.m.21 views

Security Bulletin: IBM Transformation Extender Advanced v10.0.x is affected by a vulnerability in its dependencies

Summary IBM Transformation Extender Advanced, also known as IBM Standards Processing Engine, is vulnerable to Unix File Parameter Alteration Vulnerability Details CVEID:CVE-2020-3452 DESCRIPTION: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software could allow a remote...

7.5CVSS7.4AI score0.99992EPSS
Exploits24Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/03 9:18 a.m.43 views

Security Bulletin: IBM Sterling Transformation Extender is vulnerable to multiple issues due to IBM Java

Summary IBM Sterling Transformation Extender uses IBM SDK, Java Technology. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-21094 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote...

7.5CVSS7AI score0.01361EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/15 5:40 p.m.37 views

Security Bulletin: IBM Transformation Extender Advanced is vulnerable to multiple issues due to IBM WebSphere Application Server Liberty.

Summary IBM Transformation Extender Advanced, previously known as IBM Standards Processing Engine, uses IBM WebSphere Application Server Liberty. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons...

7.5CVSS8AI score0.99999EPSS
Exploits20Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/04 10:53 a.m.32 views

Security Bulletin: IBM Transformation Extender Advanced vulnerable to LDAP security bypass due to Apache Derby [CVE-2022-46337]

Summary IBM Transformation Extender Advanced, also known as IBM Standards Processing Engine, includes and supports Apache Derby as a pre-production database for developers. LDAP for Apache Derby is not supported in production deployment of IBM Transformation Extender Advanced. This bulletin...

9.8CVSS9.3AI score0.01418EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/09 8:27 a.m.19 views

Security Bulletin: IBM Sterling Transformation Extender is vulnerable to multiple issues in IBM Java Runtime Environment

Summary IBM Sterling Transformation Extender is vulnerable to multiple issues in IBM Java Runtime Environment Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow a remote attacker to cause no confidentiality...

9.8CVSS7.4AI score0.01827EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/17 9:53 a.m.30 views

Security Bulletin: IBM Sterling Transformation Extender is vulnerable to multiple issues due to IBM Java Runtime Environment

Summary IBM Sterling Transformation Extender uses IBM Java Runtime Environment. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an unauthenticated attacker to cause...

9.1CVSS8.2AI score0.02474EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/30 5:29 p.m.63 views

Security Bulletin: IBM Sterling Transformation Extender vulnerable to multiple issues due to IBM SDK, Java Technology Edition

Summary There are vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Apr 2022 - Includes Oracle Apr 2022 CPU minus CVE-2022-21426 vulnerability that affect IBM Sterling Transformation Extender. Vulnerability Details CVEID:CVE-2022-21496 DESCRIPTION: An unspecified vulnerability i...

5.3CVSS6.3AI score0.03203EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/08/25 8:51 p.m.613 views

Security Bulletin: Apache Log4j Vulnerability Affects IBM Sterling Transformation Extender (CVE-2021-44228)

Summary IBM Sterling Transformation Extender is impacted by Log4j2 security vulnerability, CVE-2021-44228, where an attacker can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. Vulnerability Details...

10CVSS9.7AI score0.99999EPSS
Exploits359Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/15 12:11 p.m.21 views

Security Bulletin: IBM Transformation Extender Advanced is Potentially Vulnerable to an XML External Entity (XXE) Injection in its REST API.

Summary IBM 10x framework used by IBM Transformation Extender Advanced REST API is vulnerable to XXE injection. The vulnerability was reported by IBM Financial Transaction Manager for ACH Services for Multi-Platform which also uses the IBM 10x framework. Vulnerability Details CVEID: CVE-2017-1758...

7.1CVSS0.7AI score0.01635EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/15 12:11 p.m.23 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Liberty shipped with IBM Standards Processing Engine and IBM Transformation Extender Advanced (CVE-2015-2017).

Summary IBM WebSphere Application Server Liberty is shipped with IBM Standards Processing Engine and IBM Transformation Extender Advanced. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details...

4.3CVSS7.3AI score0.01876EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/15 12:11 p.m.18 views

Security Bulletin: A security vulnerability has been identified in 10x shipped with IBM Standards Processing Engine and IBM Transformation Extender Advanced (CVE-2016-5892)

Summary IBM 10x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Vulnerability Details CVEID: CVE-2016-5892...

5.4CVSS1.4AI score0.00615EPSS
Exploits0Affected Software1
Rows per page
Query Builder