Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/11/21 5:19 a.m.44 views

Security Bulletin: Vulnerability from Apache Kafka affect IBM Operations Analytics - Log Analysis (CVE-2018-17196)

Summary Apache Kafka is vulnerable to improper input validation that could allow remote attacker to bypass security restrictions. Vulnerability Details CVEID:CVE-2018-17196 DESCRIPTION: Apache Kafka could allow a remote authenticated attacker to bypass security restrictions, caused by improper...

8.8CVSS6.7AI score0.05479EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/21 4:32 a.m.67 views

Security Bulletin: There are multiple security vulnerabilities in Apache Storm used by IBM Tivoli Netcool Manager.

Summary Apache-storm, used by IBM Tivoli Network Manager, contains many internal libraries which are vulnerable to various types of CVEs. Revealing sensitive information CVE-2021-28169, bypassing ACL validations CVE-2018-17196, heap based buffer overflow CVE-2015-5237, denial of service...

9CVSS9.2AI score0.7848EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/16 6:6 p.m.38 views

Security Bulletin: Apache Kafka as used by IBM QRadar SIEM is vulnerable to information disclosure (CVE-2021-38153, CVE-2018-17196)

Summary Apache Kafka as used by IBM QRadar SIEM is vulnerable to information disclosure. IBM has addressed the relevant CVEs. Vulnerability Details CVEID: CVE-2021-38153 DESCRIPTION: Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a timing attack flaw due to...

8.8CVSS1.9AI score0.05773EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/07/15 12:0 a.m.92 views

Oracle Primavera P6 Enterprise Project Portfolio Management Multiple Vulnerabilities (Jul 2020 CPU)

According to its self-reported version number, the Oracle Primavera P6 Enterprise Project Portfolio Management EPPM installation running on the remote web server is 16.1.x prior to 16.2.20.1, 17.1.x prior to 17.12.17.1, 18.1.x prior to 18.8.19, or 19.12.x prior to 19.12.6.0. It is, therefore,...

9.8CVSS6.7AI score0.07269EPSS
Exploits0References8
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/20 8:47 a.m.36 views

Security Bulletin: Netcool Operations Insight - Cloud Native Event Analytics is affected by an Apache Kafka vulnerability (CVE-2018-17196)

Summary Netcool Operations Insight - Cloud Native Event Analytics has addressed the following vulnerability in Apache Kafka Vulnerability Details CVEID: CVE-2018-17196 DESCRIPTION: In Apache Kafka versions between 0.11.0.0 and 2.1.0, it is possible to manually craft a Produce request which bypass...

8.8CVSS1AI score0.05479EPSS
Exploits0Affected Software1
CVE
CVE
added 2019/07/11 8:37 p.m.270 views

CVE-2018-17196

CVE-2018-17196 (Apache Kafka) : A vulnerability in Kafka versions 0.11.0.0–2.1.0 allows a remote authenticated attacker to bypass transaction/idempotent ACL validation by crafting a Produce request. The issue stems from improper input validation, requiring authenticated clients with Write permiss...

8.8CVSS8.3AI score0.05479EPSS
Exploits0References11Affected Software1
Rows per page
Query Builder