Lucene search
K

26 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/09/14 3:28 p.m.28 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Liberty shipped with IBM Digital Business Automation Workflow family products (CVE-2019-17573)

Summary WebSphere Application Server Liberty is shipped as part of the optional components Process Federation Server since 8.5.6, and User Management Service since 18.0.0.1 in IBM Business Automation Workflow and IBM Business Process Manager. Information about a security vulnerability affecting I...

7.5AI score0.07055EPSS
Exploits0Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/23 10:7 p.m.42 views

Security Bulletin: Vulnerabilities in IBM WebSphere Application Server Liberty affect BM Spectrum Control (CVE-2019-17573, CVE-2019-12406)

Summary IBM WebSphere Application Server Liberty is vulnerable to Apache CXF cross-site scripting and denial of service . These vulnerabilities affect IBM Spectrum Control. Vulnerability Details CVEID: CVE-2019-17573 DESCRIPTION: Apache CXF is vulnerable to cross-site scripting, caused by imprope...

6.5CVSS7.6AI score0.07055EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2021/08/11 6:21 p.m.1 views

cxf: XSS via the styleSheetPath

By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting XSS attack via the styleSheetPath, which allows a malicious actor to inject javascript into the web page. This...

6.1CVSS7.3AI score0.42993EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2021/04/22 4:15 p.m.76 views

Cross-site scripting in Apache CXF

By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting XSS attack via the styleSheetPath, which allows a malicious actor to inject javascript into the web page. This...

6.1CVSS2.6AI score0.42993EPSS
Exploits0References17Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/07 12:30 p.m.27 views

Security Bulletin: Novalink is impacted by Apache CXF affects WebSphere Liberty JAX-WS middle vulnerability in WebSphere Application Server Liberty (CVE-2019-17573)

Summary Novalink uses WebSphere Application Server Liberty. There is a Apache CXF affects WebSphere Liberty JAX-WS middle vulnerability in WebSphere Application Server Liberty. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2019-17573 DESCRIPTION: Apache CXF is vulnerable...

6.1CVSS0.7AI score0.07055EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/31 7:36 p.m.41 views

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Spectrum Protect Plus

Summary There are multiple vulnerabilities in IBM WebSphere Application Server Liberty that may affect IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2019-17573 DESCRIPTION: Apache CXF is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the...

9.8CVSS0.8AI score0.87806EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/18 9:2 p.m.29 views

Security Bulletin: IBM Cloud Private is vulnerable to an IBM WebSphere Application Server Liberty vulnerability (CVE-2019-17573)

Summary IBM Cloud Private is vulnerable to an IBM WebSphere Application Server Liberty vulnerability Vulnerability Details CVEID: CVE-2019-17573 DESCRIPTION: Apache CXF is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the services listing page. A remo...

6.1CVSS0.7AI score0.07055EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2020/07/29 6:21 a.m.95 views

Important: Red Hat Security Advisory: Red Hat Process Automation Manager 7.8.0 Security Update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

9.8CVSS7.5AI score0.87806EPSS
Exploits11References35
RedHat Linux
RedHat Linux
added 2020/07/29 6:6 a.m.99 views

Important: Red Hat Security Advisory: Red Hat Decision Manager 7.8.0 Security Update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

9.8CVSS7.4AI score0.87806EPSS
Exploits10References34
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/16 6:56 p.m.30 views

Security Bulletin: Apache CXF XSS Vulnerability Affects IBM Control Center (CVE-2019-17573)

Summary Apache CXF is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the services listing page. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of...

6.1CVSS0.9AI score0.07055EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2020/06/11 7:9 a.m.85 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.1 Security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

9.8CVSS7AI score0.26587EPSS
Exploits7References75
Tenable Nessus
Tenable Nessus
added 2020/06/11 12:0 a.m.67 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.1 Security update (Important) (RHSA-2020:2512)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2512 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS6.7AI score0.26587EPSS
Exploits7References97
Tenable Nessus
Tenable Nessus
added 2020/06/11 12:0 a.m.51 views

RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.3.1 Security update (Important) (RHSA-2020:2511)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2511 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS6.7AI score0.26587EPSS
Exploits7References97
Tenable Nessus
Tenable Nessus
added 2020/06/11 12:0 a.m.48 views

RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.3.1 Security update (Important) (RHSA-2020:2513)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2513 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS6.7AI score0.26587EPSS
Exploits7References97
vulnersOsv
vulnersOsv
added 2020/06/10 8:2 p.m.5 views

net.kieker-monitoring:analysis (>=2.0.0 <=2.0.3), org.apache.nutch:nutch (=1.10) potentially affected by CVE-2019-17573 via org.apache.cxf:cxf (>=2.7.18 <=3.0.4)

org.apache.cxf:cxf MAVEN version =2.7.18, =2.0.0, =2.0.3 - org.apache.nutch:nutch =1.10 Source cves: CVE-2019-17573 Source advisory: OSV:GHSA-F93P-F762-VR53...

6.1CVSS6.7AI score0.07055EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2020/06/10 8:2 p.m.4 views

com.treelogic-swe:aws-mock (=1.0), com.treelogic-swe:cxf-stub (=ec2-2013-02-01) potentially affected by CVE-2019-17573 via org.apache.cxf:apache-cxf (=2.7.5)

org.apache.cxf:apache-cxf MAVEN version =2.7.5 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.cxf:apache-cxf and may be impacted: - com.treelogic-swe:aws-mock =1.0 - com.treelogic-swe:cxf-stub =ec2-2013-02-01 Source cves: CVE-2019-17573...

6.1CVSS6.7AI score0.07055EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/06/10 7:23 p.m.66 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.1 Security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.9AI score0.26587EPSS
Exploits7References74
RedHat Linux
RedHat Linux
added 2020/05/28 3:58 p.m.310 views

Important: Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 19 security update

This is a security update for JBoss EAP Continuous Delivery 19. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

9.8CVSS7.3AI score0.28839EPSS
Exploits7References45
Tenable Nessus
Tenable Nessus
added 2020/05/12 12:0 a.m.42 views

RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.2.8 on RHEL 8 (RHSA-2020:2060)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2060 advisory. This release of Red Hat JBoss Enterprise Application Platform 7.2.8 serves as a replacement for Red Hat JBoss Enterprise Application Platfor...

9.8CVSS6.7AI score0.17044EPSS
Exploits1References56
RedHat Linux
RedHat Linux
added 2020/05/11 8:19 p.m.93 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.8 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7AI score0.17044EPSS
Exploits1References43
Rows per page
Query Builder