Lucene search
K

118 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/08/01 10:16 a.m.32 views

Security Bulletin: IBM Workload Automation potentially affected by multiple vulnerabilities in Java.

Summary IBM Workload Automation potentially vulnerable to multiple vulnerabilities in Java that can cause integrity, availability, information disclosure issues CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945 Vulnerability Details CVEID:CVE-2024-2095...

7.4CVSS6.7AI score0.01026EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/01 10:15 a.m.31 views

Security Bulletin: vulnerability in OpenSSL affects IBM Workload Automation.

Summary IBM Workload Automation is potentially affected by a vulnerability in OpenSSL that can cause denial of service CVE-2023-6129 Vulnerability Details CVEID:CVE-2023-6129 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw in the POLY1305 MAC message authentication cod...

6.5CVSS6.9AI score0.02323EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/01 10:13 a.m.17 views

Security Bulletin: IBM Workload Automation potentially affected by multiple vulnerabilities in Java.

Summary IBM Workload Automation potentially vulnerable to multiple vulnerabilities in Java that can cause integrity, availability, information disclosure issues CVE-2023-22081, CVE-2023-22067, CVE-2023-5676 Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Ja...

5.9CVSS6.4AI score0.014EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/31 8:59 a.m.31 views

Security Bulletin: vulnerability in OpenSSL affects IBM Workload Automation.

Summary IBM Workload Automation has updated OpenSSL to address vulnerability CVE-2023-5678 Vulnerability Details CVEID:CVE-2023-5678 DESCRIPTION: Openssl is vulnerable to a denial of service, caused by a flaw when using DHgeneratekey function to generate an X9.42 DH key. By sending a specially...

5.3CVSS6.3AI score0.04459EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/11 9:52 a.m.59 views

Security Bulletin: IBM Workload Automation potentially affected by multiple vulnerabilities in Java.

Summary IBM Workload Automation potentially vulnerable to multiple vulnerabilities in Java that can cause integrity, availability, information disclosure issues CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938, CVE-2023-2597...

9.1CVSS8.8AI score0.02474EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/07 11:6 a.m.50 views

Security Bulletin: IBM Workload Automation is potentially affected by a vulnerability in OpenSSL that might cause Denial of Service

Summary IBM Workload Automation is potentially affected by multiple vulnerabilities in OpenSSL that could cause Denial of Service CVE-2023-4807, CVE-2023-3817 Vulnerability Details CVEID:CVE-2023-4807 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a state corruption flaw in...

7.8CVSS6.8AI score0.02577EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/18 3:34 p.m.41 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Workload Automation.

Summary IBM Workload Automation has updated OpenSSL to address multiple vulnerabilities. CVE-2023-2650, CVE-2023-0464, CVE-2023-0466, CVE-2023-0465. Vulnerability Details CVEID:CVE-2023-2650 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw when using OBJobj2txt directly...

7.5CVSS7.1AI score0.73461EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/16 6:40 p.m.24 views

Security Bulletin: IBM Workload Automation affected by multiple vulnerabilities in RHEL (CVE-2023-32681, CVE-2022-48468)

Summary IBM Workload Automation container solution is affectedby multiple vulnerabilities found in RHEL. Vulnerability Details CVEID:CVE-2023-32681 DESCRIPTION: python-requests could allow a remote attacker to obtain sensitive information, caused by the leaking of Proxy-Authorization headers to...

6.1CVSS7AI score0.02782EPSS
Exploits1Affected Software1
OSV
OSV
added 2024/02/14 3:8 p.m.20 views

GHSA-5MP4-32RR-V3X5 Absolute path traversal vulnerability in digdag server

Summary Treasure Data's digdag workload automation system is susceptible to a path traversal vulnerability if it's configured to store log files locally. Impact This issue may lead to Information Disclosure...

5.3CVSS5.1AI score0.29646EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/13 4:16 p.m.32 views

Security Bulletin: IBM Workload Automation potentially affected by a vulnerability in Google Guava (CVE-2023-2976)

Summary IBM Workload Automation is potentially affected by a vulnerability found in Google Guava that can cause sensitive information disclosure. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused ...

7.1CVSS5.9AI score0.00248EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/13 4:12 p.m.25 views

Security Bulletin: IBM Workload Automation potentially affected by a vulnerability in Okio GzipSource (CVE-2023-3635)

Summary IBM Workload Automation is potentially affected by a vulnerability found in Okio GzipSource that can cause denial of service. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially...

7.5CVSS6.4AI score0.01077EPSS
Exploits1Affected Software1
NVD
NVD
added 2023/04/26 8:15 p.m.27 views

CVE-2023-28009

HCL Workload Automation is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

8.1CVSS7AI score0.00757EPSS
Exploits0References1
OSV
OSV
added 2023/04/26 8:15 p.m.4 views

CVE-2023-28009

HCL Workload Automation is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

8.1CVSS7.3AI score0.00757EPSS
Exploits0References1
OSV
OSV
added 2023/04/26 8:15 p.m.2 views

CVE-2023-28008

HCL Workload Automation 9.4, 9.5, and 10.1 are vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

8.1CVSS7.3AI score0.00821EPSS
Exploits0References1
Prion
Prion
added 2023/04/26 8:15 p.m.12 views

Xxe

HCL Workload Automation 9.4, 9.5, and 10.1 are vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

5.5CVSS8.1AI score0.00821EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/04/26 8:15 p.m.15 views

Xxe

HCL Workload Automation is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

5.5CVSS8.1AI score0.00757EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/04/26 7:38 p.m.50 views

CVE-2023-28009

CVE-2023-28009 affects HCL Workload Automation. The vulnerability is an XML External Entity (XXE) injection in the XML processing path. Impact stated in sources: potential exposure of sensitive information and/or memory/resource exhaustion. Exploitation details are not provided in the documents; ...

8.1CVSS7.2AI score0.00757EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/26 7:38 p.m.13 views

CVE-2023-28009 HCL Workload Automation is vulnerable to XML External Entity (XXE) Injection

HCL Workload Automation is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

6.5CVSS8.1AI score0.00757EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/04/26 7:38 p.m.25 views

CVE-2023-28009 HCL Workload Automation is vulnerable to XML External Entity (XXE) Injection

HCL Workload Automation is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

6.5CVSS8.3AI score0.00757EPSS
Exploits0References1
CVE
CVE
added 2023/04/26 7:24 p.m.44 views

CVE-2023-28008

CVE-2023-28008 affects HCL Workload Automation versions 9.4, 9.5, and 10.1 where XML data is processed. The root cause is XML External Entity (XXE) injection in the XML processing path, enabling a remote attacker to access sensitive information or exhaust memory resources as described across mult...

8.1CVSS7.5AI score0.00821EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder