92 matches found
CVE-2019-4750
IBM Cloud App Management 2019.3.0 and 2019.4.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 173310...
CVE-2019-4751
IBM Cloud App Management 2019.3.0 and 2019.4.0 reveals a stack trace on certain API requests which can allow an attacker further information about the implementation of the offering. IBM X-Force ID: 173311...
CVE-2019-4750
IBM Cloud App Management 2019.3.0 and 2019.4.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 173310...
Information disclosure
IBM Cloud App Management 2019.3.0 and 2019.4.0 reveals a stack trace on certain API requests which can allow an attacker further information about the implementation of the offering. IBM X-Force ID: 173311...
CVE-2019-4750
IBM Cloud App Management 2019.3.0 and 2019.4.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 173310...
Security Bulletin: A vulnerability in IBM Java SDK affects IBM Cloud App Management (CVE-2020-2593)
Summary An unspecified vulnerability in Java SE related to the Java SE Networking component could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and no availability impact. This vulnerability has been addressed by IBM Cloud App Management in a later...
Security Bulletin: Multiple vulnerabilities in Mozilla Firefox affect IBM Cloud App Management
Summary There are multiple vulnerabilities in Mozilla Firefox used by IBM® Cloud App Management. IBM Cloud App Management has addressed the applicable CVEs in a later version. Vulnerability Details CVEID: CVE-2020-6796 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrar...
Security Bulletin: Multiple vulnerabilities in IBMJava SDK affect IBM Cloud App Management
Summary There are vulnerabilities in IBM Java SDK used by IBM® Cloud App Management. IBM® Cloud App Management has addressed the applicable CVEs in a later version. Vulnerability Details CVEID: CVE-2019-2989 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated...
Security Bulletin: IBM Cloud App Management is vulnerable to cross-site request forgery (CVE-2019-4750)
Summary IBM Cloud App Management is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. This vulnerability has been addressed by IBM Cloud App Management in a later version...
Security Bulletin: A vulnerability in IBM WebSphere Application Server and Liberty affects IBM Cloud App Management (CVE-2019-4441)
Summary IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. This vulnerability has been addressed by IBM Cloud App Management in a later version. Vulnerability Details CVEID:...
Trend Micro Cloud App Security Blocked 12.7 Million High-Risk Email Threats in 2019 – in addition to those detected by cloud email services’ built-in security
On March 3, 2020, the cyber division of Federal Bureau of Investigation FBI issued a private industry notification calling out Business Email Compromise BEC scams through exploitation of cloud-based email services. Microsoft Office 365 and Google G Suite, the two largest cloud-based email service...
DuoDuo cloud mobile app obs credentials have information leakage vulnerability
DuoDuo Cloud Mobile is a support cloud cell phone multi-opening APP developed by Fujian DuoDuo Cloud Technology Co. DuoDuoCloud Mobile APP obs credentials have information leakage vulnerability, attackers can use the vulnerability to cause system information leakage...
New Microsoft Security innovations and partnerships
Today on the Official Microsoft Blog, Ann Johnson, Corporate Vice President of the Cybersecurity Solutions Group, shared how Microsoft is helping turn the tide in cybersecurity by putting artificial intelligence AI in the hands of defenders. She announced the general availability of Microsoft...
Further enhancing security from Microsoft, not just for Microsoft
Legacy infrastructure. Bolted-on security solutions. Application sprawl. Multi-cloud environments. Company data stored across devices and apps. IT and security resource constraints. Uncertainty of where and when the next attack or leak will come, including from the inside. These are just a few of...
Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Cloud App Management
Summary There are vulnerabilities in Node.js used by IBM® Cloud App Management. IBM® Cloud App Management has addressed the applicable CVEs in a later version. Vulnerability Details CVEID: CVE-2019-9517 DESCRIPTION: Multiple vendors are vulnerable to a denial of service, caused by an Internal Dat...
Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Cloud App Management
Summary There are vulnerabilities in Node.js used by IBM® Cloud App Management. IBM® Cloud App Management has addressed the applicable CVEs in a later version. Vulnerability Details CVEID: CVE-2019-9513 DESCRIPTION: Multiple vendors are vulnerable to a denial of service, caused by a Resource Loop...
Security Bulletin: Multiple vulnerabilities in MongoDB server affect IBM Cloud App Management
Summary There are vulnerabilities in MongoDB used by IBM® Cloud App Management. IBM® Cloud App Management has addressed the applicable CVEs in a later version. Vulnerability Details CVEID: CVE-2019-2389 DESCRIPTION: MongoDB Server is vulnerable to a denial of service, caused by a flaw in the SysV...
Top 5 use cases to help you make the most of your Cloud Access Security Broker
The number of apps and the flexibility for users to access them from anywhere continues to increase. This presents a challenge for IT departments in ensuring secure access and protecting the flow of critical data with a consistent set of controls. Cloud Access Security Brokers CASBs are a new...
Microsoft is awarded Zscaler’s Technology Partner of the Year for 2019
Last week at Zscaler’s user conference, Zenith Live, Microsoft received Zscaler’s Technology Partner of the Year Award in the Impact category. The award was given to Microsoft for the depth and breadth of integrations we’ve collaborated with Zscaler on and the positive feedback received from...
Security Bulletin: A vulnerability in Node.js affects IBM Cloud App Management V2018
Summary There is a vulnerability in Node.js used by IBM® Cloud App Management V2018. Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode and sending headers very slowly to force the connection and associated resources to stay alive for a lo...