3 matches found
Security Bulletin: A security vulnerability has been identified in Apache Storm, which is shipped with IBM Tivoli Network Manager IP Edition (CVE-2019-0202)
Summary Apache Storm is shipped with IBM Tivoli Network Manager IP Edition version 4.2. Information about a security vulnerability affecting Apache Storm has been published here. Vulnerability Details CVE-ID: CVE-2019-0202 Description: Apache Storm could allow a remote attacker to obtain sensitiv...
CVE-2019-0202
The Apache Storm Logviewer daemon exposes HTTP-accessible endpoints to read/search log files on hosts running Storm. In Apache Storm versions 0.9.1-incubating to 1.2.2, it is possible to read files off the host's file system that were not intended to be accessible via these endpoints...
CVE-2019-0202
CVE-2019-0202 affects Apache Storm Logviewer: versions 0.9.1-incubating through 1.2.2 expose HTTP endpoints that allow reading arbitrary host files via the logviewer. The root cause is an information disclosure vulnerability in the log viewer endpoints, enabling reading files not intended for acc...