Security Bulletin: Multiple vulnerabilities in ivy-2.4.0.jar affect IBM Application Performance Management products

Summary There are multiple vulnerabilities in ivy-2.4.0.jar used by IBM Application Performance Management. IBM Application Performance Management has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-37865 DESCRIPTION: Apache Ivy could allow a local authenticated attacker to...

Security Bulletin: Multiple vulnerabilities in hadoop-hdfs-2.7.3.jar affect IBM Application Performance Management products

Summary There are multiple vulnerabilities in hadoop-hdfs-2.7.3.jar used by IBM Application Performance Management. IBM Application Performance Management has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2018-11768 DESCRIPTION: Apache Hadoop is vulnerable to a denial of service,...

Security Bulletin: Multiple vulnerabilities in scala-compiler-2.11.8.jar affect IBM Application Performance Management products

Summary There are multiple vulnerabilities in scala-compiler-2.11.8.jar used by IBM Application Performance Management. IBM Application Performance Management has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2017-15288 DESCRIPTION: Scala could allow a local authenticated attacke...

Security Bulletin: Multiple vulnerabilities in pmml-model-1.2.15.jar affect IBM Application Performance Management products

Summary There are multiple vulnerabilities in pmml-model-1.2.15.jar used by IBM Application Performance Management. IBM Application Performance Management has addressed the applicable CVEs. Vulnerability Details IBM X-Force ID: 234344 DESCRIPTION: Java PMML JPMML-Model is vulnerable to an XML...

Security Bulletin: Multiple vulnerabilities in guava-14.0.1.jar affect IBM Application Performance Management products

Summary There are multiple vulnerabilities in guava-14.0.1.jar used by IBM Application Performance Management. IBM Application Performance Management has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2018-10237 DESCRIPTION: Google Guava is vulnerable to a denial of service, cause...

Security Bulletin: Multiple vulnerabilities in commons-codec-1.10.jar affect IBM Application Performance Management products

Summary There are multiple vulnerabilities in commons-codec-1.10.jar used by IBM Application Performance Management. IBM Applicatoon Performance Management has addressed the applicable CVEs. Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attack...

ZOHO ManageEngine Applications Manager Cross-Site Scripting Vulnerability (CNVD-2023-64220)

ZOHO ManageEngine Applications Manager is a set of IT operation and maintenance management solutions of the United States ZhuoHao ZOHO company. The product has application performance management, fault management, report generation and SLA management and other functions. A cross-site scripting...

Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affects APM Agents for Monitoring

Summary Multiple vulnerabilities in the Oracle Java SE and the Java SE Embedded impact the IBM SDK, Java Technology Edition. This effects all IBM Cloud Application Performance Management agents, all versions. Vulnerability Details CVEID:CVE-2021-28167 DESCRIPTION: Eclipse Openj9 could allow a...

The vulnerability of the data storage system based on Docker for APM monitoring in IBM Instana Observability allows a attacker to gain access to read or modify data.

The vulnerability of the Docker-based data storage solution for APM monitoring in IBM Instana Observability involves a lack of authentication for critical functions. Exploiting this vulnerability could allow an attacker operating remotely to gain access to read or modify data...

PT-2023-12668 · Hitachi · Lumada Apm

Name of the Vulnerable Software and Affected Versions: Lumada APM on-premises versions 6.0.0.0 through 6.4.0. Description: A vulnerability exists in Lumada APM's User Asset Group feature due to a flaw in access control mechanism implementation on the "Limited Engineer" role, granting it access to...

Holiday Readiness, Part I: Best Practices for Maintaining Peak Performance

Preparing for a post-pandemic holiday season means managing for peak application and system performance...

Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring Agent (CVE-2021-45346)

Summary A Memory Leak vulnerabilty exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries made via editing the Database File, it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicous user obtain...

Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring RRT Agent (CVE-2021-45346)

Summary A Memory Leak vulnerabilty exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries made via editing the Database File, it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicous user obtain...

Apache SkyWalking Denial of Service Vulnerability

Apache SkyWalking is an application performance monitor from the Apache Foundation that is primarily used in environments such as microservices, cloud-native and container-based. A denial of service vulnerability exists in Apache SkyWalking NodeJS Agent prior to version 0.5.1, which stems from an...

Zoho ManageEngine Applications Manager SQL Injection Vulnerability

ZOHO ManageEngine Applications Manager is an IT operations management solution from ZOHO, Inc. The product features application performance management, fault management, report generation, and SLA management.A security vulnerability exists in Zoho ManageEngine Applications Manager, which stems fr...

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle has fixed vulnerabilities in the following products: Enterprise Manager Base Platform Application Testing Suite APM - Application Performance Management Enterprise Manager Ops Center The vulnerabilities potentially enable a malicious party to execute attacks that result in the following...

Zoho ManageEngine Applications Manager elevation of privilege vulnerability (CNVD-2021-88236)

Zoho ManageEngine Applications Manager is an application performance monitoring and management solution for various business monitoring and management needs of enterprises. An elevation of privilege vulnerability exists in /showReports.do in Zoho ManageEngine Applications Manager 14550 and earlie...

Zoho ManageEngine Applications Manager Server-Side Request Forgery Vulnerability

Zoho ManageEngine Applications Manager is an application performance monitoring and management solution for various business monitoring and management needs of enterprises. A server-side request forgery vulnerability exists in Zoho ManageEngine Applications Manager build 15200. No details of the...

CVE-2021-22514

An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of APM...

Micro Focus Application Performance Management Code Execution Vulnerability

Micro Focus Application Performance Management is a comprehensive monitoring system from infrastructure to applications from Micro Focus UK. A code execution vulnerability exists in Micro Focus Application Performance Management versions 9.40, 9.50, and 9.51, which can be exploited by an attacker...