Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/09/13 7:48 a.m.40 views

Security Bulletin: Multiple vulnerabilities in Apache Commons IO affect IBM Application Performance Management products

Summary Apache Commons IO is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2021-29425 DESCRIPTION: Apache Commons IO could allow a remote attacker to traverse directories on the system, caused by improper input validation by the FileNameUtils.normalize method. An...

5.8CVSS6.4AI score0.10608EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/07 6:46 a.m.58 views

Security Bulletin: Multiple vulnerabilities in hadoop-hdfs-2.7.3.jar affect IBM Application Performance Management products

Summary There are multiple vulnerabilities in hadoop-hdfs-2.7.3.jar used by IBM Application Performance Management. IBM Application Performance Management has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2018-11768 DESCRIPTION: Apache Hadoop is vulnerable to a denial of service,...

8.8CVSS8.4AI score0.06554EPSS
Exploits0Affected Software1
CVE
CVE
added 2021/03/02 4:55 p.m.48 views

CVE-2020-4725

CVE-2020-4725 affects IBM Cloud APM (IBM Monitoring) 8.1.4. An authenticated user can modify HTML content via a specially crafted HTTP request to the APM UI, potentially misleading another user. Root cause: UI content modification without proper access segregation. Impact is limited to HTML conte...

4.3CVSS4.4AI score0.00661EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/07 2:23 a.m.23 views

Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 68.11.0 ESR) hava affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF11 + ICAM2019.3.0 - 2020.2.0

Summary Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2020-15649, CVE-2020-15650 Vulnerability Details CVEID: CVE-2020-15649 DESCRIPTION: Mozilla Firefox could allow a remote attacker to bypass security restrictions. By persuading a victim to install a specially crafte...

5.5CVSS1.7AI score0.00721EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/14 11:48 a.m.38 views

Security Bulletin: A vulnerability in Netty affects the IBM Performance Management product (CVE-2019-16869)

Summary Netty is vulnerable to HTTP request smuggling, caused by a flaw when handling unusual whitespaces before the colon in HTTP headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and...

7.5CVSS0.4AI score0.08415EPSS
Exploits1Affected Software1
Prion
Prion
added 2019/09/17 7:15 p.m.14 views

Design/Logic Flaw

IBM Cloud Application Performance Management 8.1.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further...

4.3CVSS6.1AI score0.01194EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder