Security Bulletin: Tivoli Storage Productivity Center is affected by the following OpenSSL vulnerabilities: CVE-2013-4353, CVE-2013-6449, CVE-2013-6450

Summary Security vulnerabilities have been discovered in OpenSSL that were reported by the OpenSSL Project. Vulnerability Details CVE-ID:CVE-2013-4353 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference when handling malicious S/MIME messages. By sendin...

CVE-2021-41001

An authenticated remote code execution vulnerability was discovered in the AOS-CX Network Analytics Engine NAE in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch...

CVE-2021-41001

An authenticated remote code execution vulnerability was discovered in the AOS-CX Network Analytics Engine NAE in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch...

Remote code execution

An authenticated remote code execution vulnerability was discovered in the AOS-CX Network Analytics Engine NAE in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch...

CVE-2021-41001

An authenticated remote code execution vulnerability exists in Aruba AOS-CX Network Analytics Engine (NAE) across Aruba CX 6200F, 6300, 6400, 8320, 8325, 8400, and CX 8360 series. Affected versions are listed as AOS-CX 10.07.xxxx (≤10.07.0050), 10.08.xxxx (≤10.08.1030), and 10.09.xxxx (≤10.09.000...

PT-2022-11350 · Aruba · Aos-Cx +7

Name of the Vulnerable Software and Affected Versions: Aruba CX 6200F Switch Series versions AOS-CX 10.07.xxxx: 10.07.0050 and below Aruba 6300 Switch Series versions AOS-CX 10.07.xxxx: 10.07.0050 and below Aruba 6400 Switch Series versions AOS-CX 10.07.xxxx: 10.07.0050 and below Aruba 8320 Switc...

Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Spectrum Control

Summary Multiple security vulnerabilities are fixed in IBM Spectrum Control formerly Tivoli Storage Productivity Center - CVE-2016-5943, CVE-2016-5944, CVE-2016-5945, CVE-2016-5946, CVE-2016-5947 Vulnerability Details CVEID: CVE-2016-5943 DESCRIPTION: IBM Storage Insights SaaS and IBM Spectrum...

Security Bulletin: OpenSource Apache Taglibs vulnerability affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) CVE-2015-0254

Summary OpenSource Apache Taglibs vulnerability affects IBM Spectrum Control and Tivoli Storage Productivity Center. IBM Spectrum Control and Tivoli Storage Productivity Center have addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-0254 DESCRIPTION: Apache Standard Taglibs coul...

Security Bulletin: Vulnerability in Python affects IBM Analytics Engine (CVE-2018-14647)

Summary Python is vulnerable to a denial of service, caused by a flaw in the elementtree C accelerator. By using a specially-crafted XML document, a remote attacker could exploit this vulnerability to cause a resource exhaustion. Vulnerability Details CVE-ID: CVE-2018-14647 DESCRIPTION: Python’s...

Security Bulletin: Vulnerability in PySpark affects IBM Analytics Engine (CVE-2018-11760)

Summary When using PySpark, it’s possible for a different local user to connect to the Spark application and impersonate the user running the Spark application. This affects versions 1.x, 2.0.x, 2.1.x, 2.2.0 to 2.2.2, and 2.3.0 to 2.3.1. Vulnerability Details CVE-ID: CVE-2018-11760 DESCRIPTION:...

Today’s File Security is So ‘80s, Part 2: Detect Suspicious File Access with Dynamic Peer Groups

In a previous post, we shared three primary reasons why the traditional, static approach to file security no longer works for today’s modern enterprises. Working groups are formed organically and are cross-functional by nature, making a black and white approach to file access control outdated—it...

[SECURITY] Fedora 22 Update: elasticsearch-1.6.1-0.fc22

Elasticsearch is a search server based on Lucene. It provides a distributed, multitenant-capable full-text search engine with a RESTful web interface and schema-free JSON documents. Elasticsearch is developed in Java and is relea sed as open source under the terms of the Apache License. It is a...