Security Bulletin: OpenSSH vulnerability affects IBM WebSphere Adapter for FTP shipped with IBM Business Automation Workflow - CVE-2021-37533

Summary IBM WebSphere Adapter for FTP is shipped with IBM Business Automation Workflow bundles a vulnerable copy of Apache commons-net. Vulnerability Details CVEID:CVE-2021-37533 DESCRIPTION: Apache Commons Net could allow a remote attacker to obtain sensitive information, caused by an issue with...

Security Bulletin: Multiple vulnerabilities reported in YAJSW service shipped in IBM WebSphere eXtreme Scale Liberty Deployment

Summary YAJSW service is used for registering XSLD services with operating system. Vulnerabilities CVE-2024-29131 and CVE-2024-29133 are reported on commons-configuration2-2.8.0.jar used in YAJSW package. Vulnerability Details CVEID:CVE-2024-29131 DESCRIPTION: Apache Commons Configuration could...

CVE-2024-28764

IBM WebSphere Automation 1.7.0 could allow an attacker with privileged access to the network to conduct a CSV injection. An attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 285623...

CVE-2024-28764

IBM WebSphere Automation 1.7.0 could allow an attacker with privileged access to the network to conduct a CSV injection. An attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 285623...

CVE-2024-28764 IBM WebSphere Automation CSV injection

IBM WebSphere Automation 1.7.0 could allow an attacker with privileged access to the network to conduct a CSV injection. An attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 285623...

CVE-2024-28764 IBM WebSphere Automation CSV injection

IBM WebSphere Automation 1.7.0 could allow an attacker with privileged access to the network to conduct a CSV injection. An attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 285623...

CVE-2024-28764

IBM WebSphere Automation 1.7.0 is affected by a CSV injection vulnerability caused by improper validation of CSV file contents. An attacker with privileged network access could execute arbitrary commands on the system (impacting confidentiality, integrity, and availability). The issue stems from ...

CVE-2024-28775

IBM WebSphere Automation 1.7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 285648...

CVE-2024-28775

IBM WebSphere Automation 1.7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 285648...

CVE-2024-28775 IBM WebSphere Automation cross-site scripting

IBM WebSphere Automation 1.7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 285648...

CVE-2024-28775 IBM WebSphere Automation cross-site scripting

IBM WebSphere Automation 1.7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 285648...

CVE-2024-28775

IBM WebSphere Automation 1.7.0 is affected by a cross-site scripting (XSS) vulnerability that can allow embedding arbitrary JavaScript in the Web UI, potentially altering functionality and leading to credentials disclosure within a trusted session. The issue is documented in various feeds, with I...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is used by IBM Rational ClearQuest (CVE-2024-25026)

Summary IBM WebSphere Application Server WAS is used by IBM Rational ClearQuest server and web components. Information about security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes sectio...

IBM WebSphere Automation 跨站脚本漏洞

IBM WebSphere Automation is an operations platform from International Business Machines IBM that automates operational activities to proactively reduce security risks and accelerate threat remediation. A cross-site scripting vulnerability exists in IBM WebSphere Automation version 1.7.0, which ca...

IBM WebSphere Automation 安全漏洞

IBM WebSphere Automation is an operations platform from International Business Machines IBM. automates operational activities to proactively reduce security risks and accelerate threat remediation. A security vulnerability exists in IBM WebSphere Automation version 1.7.0, which stems from imprope...

PT-2024-22570 · Ibm · Ibm Websphere Automation

Name of the Vulnerable Software and Affected Versions: IBM WebSphere Automation version 1.7.0 Description: This issue allows users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials disclosure within a trusted session...

Security Bulletin: Vulnerability has been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2024-25026)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about a denial of service vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins...

Security Bulletin: IBM WebSphere Automation is vulnerable to a Privilege Escalation vulnerability (CVE-2024-28764)

Summary IBM WebSphere Automation is vulnerable to a Privilege Escalation vulnerability. Vulnerability Details CVEID:CVE-2024-28764 DESCRIPTION: IBM WebSphere Automation could allow an attacker with privileged access to the network to conduct a CSV injection. An attacker could execute arbitrary...

Security Bulletin: IBM WebSphere Automation is vulnerable to cross-site scripting (CVE-2024-28775)

Summary IBM WebSphere Automation is vulnerable to cross-site scripting. Vulnerability Details CVEID:CVE-2024-28775 DESCRIPTION: IBM WebSphere Automation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intend...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server CVE-2024-25026

Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...