Lucene search
K

39 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/09/05 12:31 p.m.35 views

Security Bulletin: Vulnerabilities found in cxf-rt-transports-http-3.0.3.jar which is shipped with IBM® Intelligent Operations Center(CVE-2016-6812, CVE-2018-8039, CVE-2020-13954)

Summary Multiple vulnerabilities have been identified in cxf-rt-transports-http-3.0.3.jarr which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs...

8.1CVSS7.3AI score0.42993EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/28 10:7 p.m.51 views

Security Bulletin: A security vulnerability has been identified in Apache CXF, which is shipped with IBM Tivoli Network Manager IP Edition (CVE-2018-8039)

Summary Apache CXF is shipped with IBM Tivoli Network Manager IP Edition. Information about a security vulnerability affecting Apache CXF has been published here. Vulnerability Details CVE-ID: CVE-2018-8039 Description: Apache CXF could allow a remote attacker to conduct a man-in-the-middle attac...

8.1CVSS6.5AI score0.10394EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/22 7:59 p.m.44 views

Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-1683, CVE-2018-8039)

Summary WebSphere Application Server is vulnerable to possible man-in-the-middle attacks. This is caused by the failure to encrypt ORB communication or by an Apache CXF vulnerability. Vulnerability Details CVEID: CVE-2018-1683 DESCRIPTION: IBM WebSphere Application Server Liberty could allow a...

8.1CVSS0.5AI score0.10394EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/01 11:37 a.m.31 views

Security Bulletin: Vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Spectrum Protect Snapshot for VMware (CVE-2014-7810, CVE-2018-8039)

Summary IBM WebSphere Application Server Liberty is affected by Apache Tomcat and CXF vulnerabilities that affect IBM Spectrum Protect Snapshot formerly Tivoli Storage FlashCopy Manager for VMware. Vulnerability Details CVEID: CVE-2014-7810 DESCRIPTION: Apache Tomcat could allow a remote attacker...

8.1CVSS6.8AI score0.13872EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/09 2:29 p.m.42 views

Security Bulletin: IBM Security Guardium is affected by an "Apache CXF" jar vulnerability

Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID: CVE-2017-12624 DESCRIPTION: Apache CXF is vulnerable to a denial of service. By using a specially crafted message attachment header, a remote attacker could exploit this vulnerability to cause the AX-WS and...

8.1CVSS0.6AI score0.10394EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/10/27 12:0 a.m.36 views

IBM WebSphere Application Server 9.0.x < 9.0.0.9 MITM (CVE-2018-8039)

The IBM WebSphere Application Server running on the remote host is version 9.0.x prior to 9.0.0.9. It is, therefore, affected by a man-in-the-middle MITM vulnerability in the Apache CXF sub-component due to the TLS hostname verification not working correctly with the com.sun.net.ssl interface. A...

8.1CVSS7.5AI score0.10394EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/22 8:46 a.m.21 views

Security Bulletin: Vulnerabilities exist in Watson Explorer Analytical Components and Watson Content Analytics (CVE-2018-8039, CVE-2017-1788)

Summary Security vulnerabilities have been identified in IBM Watson Explorer Analytical Components, Watson Explorer Foundational Components Annotation Administration Console, and IBM Watson Content Analytics. Vulnerability Details CVEID: CVE-2018-8039 DESCRIPTION: Apache CXF could allow a remote...

8.1CVSS1AI score0.10394EPSS
Exploits0Affected Software2
RedhatCVE
RedhatCVE
added 2020/03/28 1:54 p.m.47 views

CVE-2018-8039

It was discovered that when Apache CXF is configured to use the system property com.sun.net.ssl.internal.www.protocol ,it uses reflection to make the HostnameVerifier work with old com.sun.net.ssl.HostnameVerifier interface. Although the CXF implementation throws an exception, which is caught in...

8.1CVSS2.6AI score0.10394EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/11 9:31 p.m.43 views

Security Bulletin: A Security Vulnerability has been Identified in Websphere Application Server Shipped with Predictive Customer Intelligence (CVE-2018-8039)

Summary Websphere Application Server is shipped with Predictive Customer Intelligence. Information about a security vulnerability affecting Websphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Security Bulletin: Potenti...

8.1CVSS2.9AI score0.10394EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/01/13 12:51 p.m.22 views

Security Bulletin: Open Source Apache CXF Vulnerablities affect IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2018-8039)

Summary Vulnerabilities in Open Source Apache CXF affect IBM Tivoli Application Dependency Discovery Manager Vulnerability Details CVE-ID: CVE-2018-8039 DESCRIPTION: Apache CXF could allow a remote attacker to conduct a man-in-the-middle attack. The TLS hostname verification does not work correct...

8.1CVSS0.7AI score0.10394EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/19 3:30 p.m.70 views

Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilties

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by Cognos Analytics. These issues were disclosed as part of the IBM Java SDK updates in October 2017, January 2018, April 2018, July 2018, October 2018, January 2019 and April 2019. Cognos Analytics has...

10CVSS0.5AI score0.49024EPSS
Exploits15Affected Software1
Openbugbounty
Openbugbounty
added 2019/07/23 4:47 a.m.8 views

al.sp.gov.br Improper Access Control vulnerability

Open Bug Bounty ID: OBB-903200 Security Researcher Gh05tPT Helped patch 6893 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting al.sp.gov.br website and...

Exploits0
Tenable Nessus
Tenable Nessus
added 2019/07/17 12:0 a.m.46 views

Oracle Enterprise Manager Cloud Control (Jul 2019 CPU)

The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in Enterprise Manager Base Platform component: - An unspecified vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Products Suite...

8.8CVSS6.5AI score0.17139EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2019/04/09 11:30 p.m.33 views

Security Bulletin: Multiple vulnerabilities in WebSphere Application Server Liberty affect IBM Spectrum Protect for Workstations Central Administration Console (CVE-2014-7810, CVE-2018-8039, CVE-2018-1901)

Summary IBM WebSphere Application Server Liberty is affected by Apache Tomcat, Apache CXF, and elevation of privileges vulnerabilities which affect the IBM Spectrum Protect for Workstations formerly Tivoli Storage Manager FastBack for Workstations Central Administration Console CAC. Vulnerability...

8.8CVSS1.2AI score0.13872EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2019/03/28 11:50 a.m.22 views

Security Bulletin: A vulnerability in IBM WebSphere Application Server affects IBM Spectrum Scale packaged in IBM Elastic Storage Server (CVE-2018-8039)

Summary There is a vulnerability in IBM WebSphere Application Server, used by IBM Spectrum Scale. This issue may allow a remote attacker to conduct a man-in-the-middle attack. Vulnerability Details CVEID: CVE-2018-8039 DESCRIPTION: Apache CXF could allow a remote attacker to conduct a...

8.1CVSS0.8AI score0.10394EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/28 3:15 p.m.56 views

Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities for IBM WebSphere Liberty Server

Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to multiple security vulnerabilities. There are multiple vulnerabilities in IBM® WebSphere Liberty Server, Version 18.0.0.4 included in this release of IGI. These issues were disclosed as par...

9.8CVSS0.9AI score0.13872EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/12/27 5:5 p.m.55 views

Security Bulletin: Potential MITM attack in Apache CXF used by WebSphere Application Server affects IBM Operations Analytics - Log Analysis (CVE-2018-8039)

Summary There is a potential man-in-the-middle attack in Apache CXF used by WebSphere Application Server CVE-2018-8039 Vulnerability Details CVEID: CVE-2018-8039 DESCRIPTION: Apache CXF could allow a remote attacker to conduct a man-in-the-middle attack. The TLS hostname verification does not wor...

8.1CVSS2.5AI score0.10394EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/12/14 6:20 a.m.26 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Netcool Impact (CVE-2018-8039)

Summary IBM WebSphere Application Server is shipped as a component of IBM Tivoli Netcool Impact. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the Security Bulletin: Potential...

8.1CVSS1.8AI score0.10394EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/12/12 1:15 p.m.32 views

Security Bulletin: Potential MITM attack in Apache CXF used by IBM Event Streams (CVE-2018-8039)

Summary There is a potential man-in-the-middle attack in Apache CXF used by IBM Event Streams CVE-2018-8039 Vulnerability Details CVEID: CVE-2018-8039 DESCRIPTION: Apache CXF could allow a remote attacker to conduct a man-in-the-middle attack. The TLS hostname verification does not work correctly...

8.1CVSS2.3AI score0.10394EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2018/12/11 2:12 p.m.112 views

Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R10 security and bug fix update

An update is now available for Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.1CVSS6.7AI score0.25459EPSS
Exploits1References6
Rows per page
Query Builder