13 matches found
Security Bulletin:IBM TRIRIGA Application Platform discloses CVE-2020-1954
Summary IBM TRIRIGA Application Platform discloses CVE-2020-1954 Vulnerability Details CVEID:CVE-2020-1954 DESCRIPTION: Apache CXF is vulnerable to a man-in-the-middle attack, caused by a flaw in JMX Integration. An attacker could exploit this vulnerability to launch a man-in-the-middle attack an...
com.savoirtech.aetos:aetos (>=4.2.0.1 <=4.2.2), de.mhus.app.vault:vault-playground-assembly (>=7.2.0 <=7.3.0) +82 more potentially affected by CVE-2020-1954 via org.apache.cxf:cxf-rt-management (>=3.3.0 <=3.3.5)
org.apache.cxf:cxf-rt-management MAVEN version =3.3.0, =4.2.0.1, =7.2.0, =6.3.0, =1.2.0, =1.2.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.7, =1.0.7, =4.2.11.hyte-42116, =4.2.11.hyte-42116, =4.2.11.hyte-42116, =4.2.11.hyte-42119 and more Source cves: CVE-2020-1954 Source advisory:...
Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.4.3 security update
A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Security Bulletin: Apache CXF vulnerability identified in IBM Tivoli Application Dependency Discovery Manager (CVE-2020-1954)
Summary This security bulletin addresses the vulnerability in Open Source Apache CXF that affect IBM Tivoli Application Dependency Discovery Manager. Vulnerability Details CVEID: CVE-2020-1954 DESCRIPTION: Apache CXF is vulnerable to a man-in-the-middle attack, caused by a flaw in JMX Integration...
RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.3.3 security update on RHEL 6 (Moderate) (RHSA-2020:4244)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4244 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.3.3 security update on RHEL 8 (Moderate) (RHSA-2020:4245)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4245 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.3 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.3 security update on RHEL 7
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.3 security update on RHEL 8
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.3 security update on RHEL 6
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 20 security update
This is a security update for JBoss EAP Continuous Delivery 20. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Security Bulletin: A security vulnerability has been identified in Apache CXF, which is shipped with IBM Tivoli Network Manager (CVE-2020-1954).
Summary Apache CXF is shipped with IBM Tivoli Network Manager version 4.2; Information about a security vulnerability affecting IBM WebSphere Application Server is published in this bulletin. Vulnerability Details CVEID: CVE-2020-1954 DESCRIPTION: Apache CXF is vulnerable to a man-in-the-middle...
CVE-2020-1954
CVE-2020-1954 affects Apache CXF JMX integration; a MITM is possible if the createMBServerConnectorFactory setting on the InstrumentationManagerImpl is not disabled, allowing an on-host attacker to rebind the JMX registry and proxy traffic to access exchanged data. The issue is documented across ...