Lucene search
K

5 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/07/06 5:31 a.m.80 views

Security Bulletin: Multiple security vulnerabilities have been identified in Elasticsearch shipped with IBM Tivoli Netcool Impact

Summary Elasticsearch is shipped with IBM Tivoli Netcool Impact, Information about multiple security vulnerabilities affecting elasticsearch has been published in a security bulletin. Vulnerability Details CVEID: CVE-2020-7020 DESCRIPTION: Elastic Enterprise Search could allow a remote...

8.1CVSS0.5AI score0.02149EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/28 7:3 a.m.55 views

Security Bulletin: Multiple vulnerabilities may affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) offline documentation

Summary IBM Business Process Manager and IBM Business Automation Workflow offline documentation packages open source libraries with known vulnerabilities. Do not install offline documentation and remove existing installations with the fix provided below. Vulnerability Details CVEID: CVE-2021-2335...

8.1CVSS0.7AI score0.10608EPSS
Exploits4Affected Software4
NVD
NVD
added 2018/09/19 7:29 p.m.16 views

CVE-2018-3823

X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a cross-site scripting XSS vulnerability. Users with manageml permissions could create jobs containing malicious data as part of their configuration that could allow the attacker to obtain sensitive information from or perform destructiv...

5.4CVSS6AI score0.00647EPSS
Exploits0References2
CVE
CVE
added 2018/09/19 7:0 p.m.60 views

CVE-2018-3823

CVE-2018-3823 affects Elastic X-Pack Machine Learning in Kibana/Elasticsearch prior to versions 6.2.4 and 5.6.9. The vulnerability is a cross-site scripting (XSS) flaw caused by improper validation of user-supplied input in ML job configurations; users with manage_ml permissions could embed malic...

5.4CVSS5.6AI score0.00647EPSS
Exploits0References2Affected Software1
Elastic
Elastic
added 2018/04/17 7:18 p.m.7 views

Elastic Stack 6.2.4 and 5.6.9 security update

X-Pack Machine Learning XSS vulnerability ESA-2018-06 X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a cross-site scripting XSS vulnerability. Users with manageml permissions could create jobs containing malicious data as part of their configuration that could allow the attacker to...

6.1CVSS5.9AI score0.00866EPSS
Exploits0
Rows per page
Query Builder