Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server CVE-2024-45071

Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Buinses Automation Workflow (CVE-2024-45073)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletins...

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) (CVE-2024-45071)

Summary WebSphere Application Server is shipped as a component of IBM Security Guardium Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulleti...

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) (CVE-2024-45087)

Summary WebSphere Application Server is shipped as a component of IBM Security Guardium Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulleti...

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2024-45071)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about a stored cross-site scripting vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2024-45086)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about an XML External Entity Injection XXE vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the...

Security Bulletin: : A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager(CVE-2024-45087)

Summary IBM WebSphere Application Server is used by IBM Tivoli System Automation Application Manager and is vulnerable to cross-site scripting in the Admin Console. Required fixes for affected WebSphere Application Server has been published in the security bulletin links below. Vulnerability...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2024-45073)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...

Security Bulletin: There is a Denial of Service vulnerability in IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced (CVE-2024-40094).

Summary There is a Denial of Service vulnerability in IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced CVE-2024-40094. An update to IBM CICS TX Advanced has been released to address this vulnerability. Vulnerability Details CVEID:CVE-2024-40094 DESCRIPTION: GraphQL Java aka...

Security Bulletin: There is a Denial of Service vulnerability in IBM WebSphere Liberty that is shipped with IBM CICS TX Standard (CVE-2024-40094).

Summary There is a Denial of Service vulnerability in IBM WebSphere Liberty that is shipped with IBM CICS TX Standard CVE-2024-40094. An update to IBM CICS TX Standard has been released to address this vulnerability. Vulnerability Details CVEID:CVE-2024-40094 DESCRIPTION: GraphQL Java aka...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is used by IBM Rational ClearQuest (CVE-2024-45086)

Summary IBM WebSphere Application Server WAS is used by IBM Rational ClearQuest server and web components. Information about security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes sectio...

Security Bulletin: A security vulnerability in WebSphere Liberty affects IBM Robotic Process Automation and may lead to a denial of service (CVE-2024-7254)

Summary A security vulnerability in WebSphere Liberty affects IBM Robotic Process Automation and may lead to a denial of service CVE-2024-7254. WebSphere Application Liberty is used by IBM Robotic Process Automation as part of Antivirus and Abbyy containers as well as UMS. This bulletin identifie...

Security Bulletin: The IBM® Engineering Lifecycle Engineering products using IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to Google Protocol Buffers (CVE-2024-7254)

Summary There is a vulnerability in the Google Protocol Buffers protobuf library used by IBM WebSphere Application Server Liberty with the grpc-1.0 or grpcClient-1.0 feature enabled. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addressed in...

Security Bulletin: Denial of service due to GraphQL Java in IBM WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2024-40094)

Summary There is a vulnerability in the GraphQL Java library used by IBM WebSphere Application Server Liberty shipped with IBM Operations Analytics - Log Analysis. Vulnerability Details CVEID:CVE-2024-40094 DESCRIPTION: GraphQL Java aka graphql-java is vulnerable to a denial of service, caused by...

Security Bulletin: There is a Denial of Service vulnerability in IBM WebSphere Liberty that is shipped with IBM TXSeries for Multiplatforms (CVE-2024-40094).

Summary There is a Denial of Service vulnerability in IBM WebSphere Liberty that is shipped with IBM TXSeries for Multiplatforms CVE-2024-40094. An update to IBM TXSeries for Multiplatforms has been released to address this vulnerability. Vulnerability Details CVEID:CVE-2024-40094 DESCRIPTION:...

Security Bulletin: Multiple vulnerabilities in WebSphere Application Server Liberty may affect IBM SPSS Analytic Server

Summary Multiple vulnerabilities in WebSphere Application Server Liberty may affect IBM SPSS Analytic Server CVE-2024-7254, CVE-2023-50314 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|-...

Security Bulletin: Multiple Vulnerabilities have been identified in IBM MQ shipped with IBM WebSphere Remote Server

Summary IBM MQ is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM MQ have been published in a security bulletin CVE-2024-51471, CVE-2024-51470, CVE-2024-52898, CVE-2024-52897, CVE-2024-52896 Vulnerability Details Refer to the security bulletins...

The vulnerability of the modular application server of IBM WebSphere Liberty Profile, a software for managing transaction applications of the IBM TXSeries for Multiplatforms, allows a hacker to trigger a service failure.

The vulnerability of the modular application server of IBM WebSphere Liberty Profile, a software for managing transaction applications of the IBM TXSeries for Multiplatforms, is related to unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause...

The vulnerability of the modular application server of IBM WebSphere Liberty Profile, a software for managing transaction applications of the IBM TXSeries for Multiplatforms, allows a attacker to execute a “slowloris” type attack.

The vulnerability of the modular application server of IBM WebSphere Liberty Profile, a software for managing transaction applications of the IBM TXSeries for Multiplatforms, is related to unlimited resource distribution. Exploiting this vulnerability can allow a malicious actor to execute a...

The vulnerability of IBM WebSphere Application Server Liberty and IBM WebSphere Application Server arises from incorrect restrictions on XML references to external objects, which allows attackers to disclose sensitive information.

The vulnerability of IBM WebSphere Application Server Liberty and IBM WebSphere Application Server is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information remotely...