Lucene search
K

241 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2018/08/08 4:13 a.m.32 views

Security Bulletin: IBM Cloud Manager with OpenStack is affected by a OpenSSL vulnerabilities

Summary Multiple security vulnerabilities have been identified in OpenSSL that is used by IBM Cloud Manager with OpenStack. IBM Cloud Manager with OpenStack has addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2017-3735 DESCRIPTION: OpenSSL could allow a remote attacker to obtain...

6.5CVSS0.7AI score0.83645EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/08 4:13 a.m.38 views

Security Bulletin: Vulnerability in SSLv3 affects IBM Cloud Manager with OpenStack (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM SmartCloud Entry. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain sensitive...

4.3CVSS1AI score0.99999EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/08 4:13 a.m.39 views

Security Bulletin: Multiple security vulnerabilities in dnsmasq affect IBM Cloud Manager with OpenStack

Summary Multiple security vulenrability have been identified in dnsmasq that is used by IBM Cloud Manager with OpenStack. IBM Cloud Manager with OpenStack has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-14495 DESCRIPTION: dnsmasq is vulnerable to a denial of service, caus...

9.8CVSS1.6AI score0.93307EPSS
Exploits32Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 8:2 a.m.39 views

Security Bulletin: Malformed ECParameters causes infinite loop (CVE-2015-1788)

Summary IBM Cloud Manager with Openstack is vulnerable to a denial of service which could allow a remote attacker to expoit this vulnerability to cause the application to enter into an infinite loop. Vulnerability Details CVEID: CVE-2015-1788 DESCRIPTION: OpenSSL is vulnerable to a denial of...

4.3CVSS1.9AI score0.23222EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:33 p.m.52 views

Security Bulletin: Multiple security vulnerabilities in IBM Cloud Manager with OpenStack affect IBM Cloud Orchestrator and Cloud Orchestrator Enterprise

Summary IBM Cloud Manager with OpenStack is shipped with IBM Cloud Orchestrator and Cloud Orchestrator Enterprise. Multiple security vulnerabilities have been identified in dnsmasq that is used by IBM Cloud Manager with OpenStack. Information about a security vulnerability affecting IBM Cloud...

9.8CVSS9.8AI score0.93307EPSS
Exploits32Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:33 p.m.23 views

Security Bulletin: Vulnerability in OpenSSL affects IBM Cloud Orchestrator, HTTP Server and bundling products shipped with Cloud Orchestrator and Cloud Orchestrator Enterprise (CVE-2015-1788)

Summary Denial of Service vulnerability has been identified in OpenSSL. IBM Cloud Orchestrator® and IBM Cloud Orchestrator Enterprise Edition have addressed this issue. This issue was also addressed by IBM Cloud Manager with OpenStack, IBM HTTP Server, and IBM DB2® LUW which are shipped with IBM...

4.3CVSS0.8AI score0.23222EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:32 p.m.30 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise, and products shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Cloud Orchestrator, IBM Cloud Orchestrator Enterprise and supporting products shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. Vulnerability Details CVEID:...

4.3CVSS0.7AI score0.9986EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:30 p.m.31 views

Security Bulletin: Security vulnerability in IBM Business Process Manager shipped with IBM SmartCloud Orchestrator and IBM Cloud Orchestrator (CVE-2014-8730)

Summary IBM Business Process Manager and DB2 Enterprise Server Edition are shipped as components of IBM SmartCloud Orchestrator and IBM Cloud Orchestrator. Information about a security vulnerability CVE-2014-8730 affecting both IBM Business Process Manager and IBM DB2 has been published in a...

4.3CVSS0.1AI score0.1372EPSS
Exploits0
Prion
Prion
added 2017/09/19 3:29 p.m.20 views

Unrestricted file upload

Unrestricted file upload vulnerability in webadmin/ajaxfilemanager/ajaxfilemanager.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote authenticated users with admin privileges on the Cloud Manager web console to execute arbitrary PHP code by uploading a file...

6.5CVSS7.7AI score0.07352EPSS
Exploits3References2Affected Software1
Symantec
Symantec
added 2015/07/14 12:0 a.m.78 views

Oracle Java SE CVE-2015-2590 Remote Security Vulnerability

Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Libraries' sub-component. This vulnerability affects the following supported versions: Java SE 6u95, Java SE 7u80, Java SE 8u45, Java SE...

10CVSS0.8AI score0.25469EPSS
Exploits0References1Affected Software53
NVD
NVD
added 2014/09/09 1:55 a.m.11 views

CVE-2014-5641

The Cloud Manager aka com.ileaf.cloudmanager application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS5.9AI score0.00271EPSS
Exploits0References3
Prion
Prion
added 2014/09/09 1:55 a.m.12 views

Design/Logic Flaw

The Cloud Manager aka com.ileaf.cloudmanager application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS6.4AI score0.00271EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2014/09/09 1:0 a.m.17 views

CVE-2014-5641

The Cloud Manager aka com.ileaf.cloudmanager application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9AI score0.00271EPSS
Exploits0References3
CVE
CVE
added 2014/09/09 1:0 a.m.31 views

CVE-2014-5641

CVE-2014-5641 affects the Cloud Manager (com.ileaf.cloud_manager) Android app v1.6. The vulnerability is due to failure to verify X.509 certificates from SSL servers, enabling man-in-the-middle attackers to spoof servers and access sensitive data via a crafted certificate. Documented impact is ex...

5.4CVSS6AI score0.00271EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2011/09/09 12:0 a.m.48 views

ZDI-11-278: Novell Cloud Manager Insufficient Framework User Validation Vulnerability

ZDI-11-278: Novell Cloud Manager Insufficient Framework User Validation Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-278 September 2, 2011 -- CVE ID: CVE-2011-2654 -- CVSS: 9.3, AV:N/AC:M/Au:N/C:C/I:C/A:C -- Affected Vendors: Novell -- Affected Products: Novell eDirectory --...

9.3CVSS0.9AI score0.03634EPSS
Exploits0
securityvulns
securityvulns
added 2011/09/09 12:0 a.m.32 views

Cloud Manager unaurhozied access

Insufficient authentication in RPC-based service...

9.3CVSS4AI score0.03634EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2011/09/06 3:55 p.m.17 views

CVE-2011-2654

The RPC implementation in the server in Novell Cloud Manager 1.1.2 before Patch 3 does not properly initialize objects, which allows remote attackers to execute arbitrary code by making RPC calls that leverage incorrect privileges associated with a partially initialized session...

9.3CVSS7.5AI score0.03634EPSS
Exploits0References5
Prion
Prion
added 2011/09/06 3:55 p.m.14 views

Session fixation

The RPC implementation in the server in Novell Cloud Manager 1.1.2 before Patch 3 does not properly initialize objects, which allows remote attackers to execute arbitrary code by making RPC calls that leverage incorrect privileges associated with a partially initialized session...

9.3CVSS8.2AI score0.03634EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2011/09/06 3:0 p.m.46 views

CVE-2011-2654

The CVE-2011-2654 issue affects Novell Cloud Manager 1.1.2 prior to Patch 3. The RPC server fails to properly initialize objects, enabling remote attackers to execute arbitrary code by issuing privileged RPC calls tied to a partially initialized session. Impact is high (remote code execution with...

9.3CVSS7.8AI score0.03634EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2011/09/06 3:0 p.m.24 views

CVE-2011-2654

The RPC implementation in the server in Novell Cloud Manager 1.1.2 before Patch 3 does not properly initialize objects, which allows remote attackers to execute arbitrary code by making RPC calls that leverage incorrect privileges associated with a partially initialized session...

7.5AI score0.03634EPSS
Exploits0References5
Rows per page
Query Builder