CVE-2024-40685

IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery CSRF vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions...

IBM Operations Analytics - Log Analysis 跨站请求伪造漏洞

IBM Operations Analytics – Log Analysis is a log analysis software developed by IBM. Versions 1.3.5.0 to 1.3.8.3 of IBM Operations Analytics – Log Analysis contain a cross-site request forgeing vulnerability. This vulnerability is due to a susceptibility to cross-site request forgery attacks, whi...

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by CSRF Token Replay Attack

Summary IBM Operations Analytics – Log Analysis uses CSRF tokens to prevent unauthorised actions from being performed by an attacker on behalf of an authenticated user. CVE-2024-40685. Vulnerability Details CVEID:CVE-2024-40685 DESCRIPTION: IBM SmartCloud Analytics - Log Analysis is vulnerable to...

Security Bulletin: Due to use of Apache Derby, IBM Operations Analytics - Log Analysis is affected by Improperly Controlled Modification

Summary Package jszip is used by IBM Operations Analytics - Log Analysis as compression in web interface for Apache Derby. CVE-2021-23413. Vulnerability Details CVEID:CVE-2021-23413 DESCRIPTION: This affects the package jszip before 3.7.0. Crafting a new zip file with filenames set to Object...

Red Hat 389-ds-base Competitive Conditions Vulnerability

Red Hat 389-ds-base is an American Red Hat package that includes a Linux directory server and a server administration command-line program. A competitive condition vulnerability exists in the handling of persistent searches in Red Hat 389-ds-base versions prior to 1.4.0.10 and prior to 1.3.8.3. A...