Security Bulletin: IBM Virtualization Engine TS7700 is vulnerable to a data integrity threat due to use of IBM® SDK Java™ Technology Edition, Version 8 (CVE-2021-2163)

Summary IBM Virtualization Engine TS7700 is vulnerable to a data integrity threat CVE-2021-2163 due to the use of IBM® SDK Java™ Technology Edition, Version 8. The Java SDK is used by the TS7700 to provide the Management Interface, to perform cache management, and to provide Transparent Cloud...

Security Bulletin: IBM Virtualization Engine TS7700 is vulnerable to a privilege escalation threat due to use of OpenSSL (CVE-2022-2068)

Summary IBM Virtualization Engine TS7700 is vulnerable to a privilege escalation threat CVE-2022-2068 due to the use of OpenSSL. OpenSSL is used by the TS7700 to provide cryptographic capabilities. IBM Virtualization Engine TS7700 has addressed the applicable CVE. Vulnerability Details...

Security Bulletin: IBM Virtualization Engine TS7700 is vulnerable to multiple threats due to use of IBM WebSphere Application Server Liberty (CVE-2022-34165, CVE-2022-22476)

Summary IBM Virtualization Engine TS7700 is vulnerable to HTTP header injection CVE-2022-34165 and identity spoofing CVE-2022-22476 due to the use of IBM WebSphere Application Server Liberty. WebSphere Application Server Liberty is used by the TS7700 to provide the Management Interface. IBM...

Security Bulletin: Due to use of IBM® SDK Java™ Technology Edition, IBM Virtualization Engine TS7700 is vulnerable to a data integrity threat (CVE-2022-21496)

Summary IBM Virtualization Engine TS7700 is vulnerable to a data integrity threat CVE-2022-21496 due to the use of IBM® SDK Java™ Technology Edition, Version 8. The SDK is used by the TS7700 to provide the Management Interface, to perform cache management, and to provide Transparent Cloud Tiering...

Security Bulletin: Due to use of OpenSSL, IBM Virtualization Engine TS7700 is vulnerable to denial of service (CVE-2022-0778) and privilege escalation (CVE-2022-1292)

Summary IBM Virtualization Engine TS7700 is vulnerable to denial of service CVE-2022-0778 and privilege escalation CVE-2022-1292 due to the use of OpenSSL. OpenSSL is used by IBM Virtualization Engine TS7700 for inbound and outbound TLS connections other than those provided by the Management...

Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700 - October 2021 & January 2022

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8, as used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updates in October 2021 and January 2022. IBM Virtualization Engine TS7700 has addressed the applicable...

Security Bulletin: Multiple Vulnerabilities in WebSphere Application Server Liberty affect IBM Virtualization Engine TS7700 (CVE-2021-35517, CVE-2021-36090)

Summary IBM Virtualization Engine TS7700 is vulnerable to two potential denial of service conditions due to WebSphere Application Server Liberty. IBM Virtualization Engine TS7700 has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-35517 DESCRIPTION: Apache Commons Compress is...

Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700 - October 2021

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8, as used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updates in October 2021. IBM Virtualization Engine TS7700 has addressed the applicable CVEs. Vulnerabili...

Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700 - July 2021

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8, as used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updates in July 2021. IBM Virtualization Engine TS7700 has addressed the applicable CVEs. Vulnerability...

Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700 - October 2020 & January 2021

Summary There are multiple vulnerabilities in IBM® SDKs Java™ Technology Edition, Versions 7 and 8, as used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updates in October 2020 and January 2021. IBM Virtualization Engine TS7700 has addressed the...

Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700 - July 2020

Summary There are multiple vulnerabilities in IBM® SDKs Java™ Technology Edition, Versions 7 and 8, as used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updates in July 2020. IBM Virtualization Engine TS7700 has addressed the applicable CVEs...

Security Bulletin: Vulnerability in Network Time Protocol (NTP) affects IBM Virtualization Engine TS7700 (CVE-2020-11868)

Summary There is a vulnerability in the Network Time Protocol NTP implementation embedded within the IBM Virtualization Engine TS7700. Vulnerability Details CVEID: CVE-2020-11868 DESCRIPTION: NTP is vulnerable to a denial of service, caused by a flaw in ntpd. By sending a server mode packet with ...

Security Bulletin: Vulnerability in IBM Java SDK affects IBM Virtualization Engine TS7700 - April 2020

Summary There are two vulnerabilities in IBM® SDKs Java™ Technology Edition, Versions 7 and 8, as used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updates in the first half of 2020. IBM Virtualization Engine TS7700 has addressed the applicable CVEs...

Huawei FusionCompute Information Disclosure Vulnerability (CNVD-2020-46464)

Huawei FusionCompute is a computer virtualization engine from Huawei China. The product provides Virtual Resource Manager VRM and Compute Node Agent CNA, among others. An information disclosure vulnerability exists in Huawei FusionCompute version 8.0.0, which originates from the program failing t...

Huawei FusionCompute License Issue Vulnerability

Huawei FusionCompute is a computer virtualization engine from Huawei China. The product provides Virtual Resource Manager VRM and Compute Node Agent CNA, among others. An authorization issue vulnerability exists in Huawei FusionCompute version 8.0.0, which stems from a module not properly...

Security Bulletin: Vulnerability in IBM Java SDK affects IBM Virtualization Engine TS7700 - January 2020

Summary There is a vulnerability in IBM® SDKs Java™ Technology Edition, Versions 7 and 8, as used by IBM Virtualization Engine TS7700. This issue was disclosed as part of the IBM Java SDK updates in January 2020. IBM Virtualization Engine TS7700 has addressed the applicable CVE. Vulnerability...

RHEL 7 : Red Hat Virtualization Engine security, 4.3.9 (Low) (RHSA-2020:1308)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1308 advisory. The org.ovirt.engine-root is a core component of oVirt. The following packages have been upgraded to a later upstream version:...

RHEL 7 : Red Hat Virtualization Engine (RHSA-2020:0498)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0498 advisory. - ovirt-engine: responsetype parameter allows reflected XSS CVE-2019-19336 Note that Nessus has not tested for this issue but has instead relied only...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700 - July 2019 and October 2019

Summary There are multiple vulnerabilities in IBM® SDKs Java™ Technology Edition, Versions 7 and 8, as used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updates in July 2019 and October 2019. IBM Virtualization Engine TS7700 has addressed the...

Security Bulletin: Vulnerability in IBM Java SDK affects IBM Virtualization Engine TS7700 - April 2019

Summary There is a vulnerability in IBM® SDKs Java™ Technology Edition, Versions 7 and 8, as used by IBM Virtualization Engine TS7700. This issue was disclosed as part of the IBM Java SDK updates in April 2019. IBM Virtualization Engine TS7700 has addressed the applicable CVE. Vulnerability Detai...