Lucene search
K

32 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/10/14 5:1 a.m.64 views

Security Bulletin: Security Vulnerabilities have been identifed in the IBM WebSphere Liberty product as shipped with the IBM Security Verify Access products.

Summary There are multiple Security vulnerabilities affecting IBM WebSphere Liberty have been fixed in the IBM Security Verify Access ISVA Appliance and Container images. Vulnerability Details CVEID:CVE-2022-22476 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and...

8.8CVSS6.9AI score0.0077EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/23 3:4 p.m.22 views

Security Bulletin: Multiple Security Vulnerabilities have been fixed in the IBM Directory Server and IBM Directory Suite products (CVE-2022-22476, CVE-2022-34165)

Summary Multiple Security Vulnerabilities in the IBM WebSphere Application Server product as shipped with the IBM Directory Server and IBM Directory Suite products have been fixed. Vulnerability Details CVEID:CVE-2022-22476 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through...

8.8CVSS6.7AI score0.0077EPSS
Exploits0Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/14 10:39 a.m.12 views

Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM WebSphere Application Server Liberty is vulnerable to Identity Spoofing - CVE-2022-22476

Summary IBM WebSphere Application Server Liberty and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addressed in this bulletin: IBM...

8.8CVSS6.5AI score0.0077EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/03 3:51 p.m.27 views

Security Bulletin: IBM Financial Transaction Manager is impacted by a vulnerability in WebSphere Liberty Server (CVE-2022-22476)

Summary The vulnerability addressed by WebSphere Liberty prevents identity spoofing by an authenticated user. Vulnerability Details CVEID:CVE-2022-22476 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to identity spoofing by an...

8.8CVSS6.4AI score0.0077EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/20 9:28 a.m.42 views

Security Bulletin: IBM B2B Advanced Communications is vulnerable to identity spoofing due to IBM WebSphere Application Server Liberty (CVE-2022-22476)

Summary IBM B2B Advanced Communications has addressed vulnerability in IBM WebSphere Application Server Liberty shipped with product. Vulnerability Details CVEID:CVE-2022-22476 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to...

8.8CVSS6.4AI score0.0077EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/14 9:14 p.m.50 views

Security Bulletin: IBM CICS TX Standard is vulnerable to identity spoofing due to IBM WebSphere Application Server Liberty (CVE-2022-22476)

Summary WebSphere Application Server Liberty is used by IBM CICS TX Standard to provide a web based administration console. The fix removes the identity spoofing vulnerability CVE-2022-22476 from Liberty. Vulnerability Details CVEID:CVE-2022-22476 DESCRIPTION: IBM WebSphere Application Server...

8.8CVSS6.5AI score0.0077EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/14 9:4 p.m.49 views

Security Bulletin: IBM CICS TX Advanced is vulnerable to identity spoofing due to IBM WebSphere Application Server Liberty (CVE-2022-22476)

Summary WebSphere Application Server Liberty is used by IBM CICS TX Advanced to provide a web based administration console. The fix removes the identity spoofing vulnerability CVE-2022-22476 from Liberty. Vulnerability Details CVEID:CVE-2022-22476 DESCRIPTION: IBM WebSphere Application Server...

8.8CVSS6.5AI score0.0077EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/09 10:24 a.m.57 views

Security Bulletin: Vulnerability in IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 affects CICS Transaction Gateway

Summary There is a vulnerability which is related to identity spoofing in IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 used by CICS Transaction Gateway. CICS Transaction Gateway has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-22476...

8.8CVSS6.4AI score0.0077EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/07 11:48 p.m.74 views

Security Bulletin: Vulnerabilities in IBM WebSphere Liberty affects IBM InfoSphere Global Name Management (CVE-2022-22475, CVE-2022-22476)

Summary The IBM WebSphere Liberty used in IBM InfoSphere Global Name Management is vulnerable to identity spoofing by an authenticated user. This issue only affects ENS, a part of GNM 6 installed by a small minority of GNM customers. For GNM customers not using ENS, there is no vulnerability...

8.8CVSS6.9AI score0.0077EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/30 3:9 p.m.55 views

Security Bulletin: Vulnerabilities in Java and IBM WebSphere Application Server Liberty affects IBM Cloud Application Business Insights - CVE-2022-21496, CVE-2022-21434, CVE-2022-21443, CVE-2022-22475, CVE-2022-22476, CVE-2022-21540 & CVE-2022-21541

Summary Vulnerabilities in Java and IBM WebSphere Application Server Liberty affects IBM Cloud Application Business Insights - CVE-2022-21496, CVE-2022-21434, CVE-2022-21443, CVE-2022-22475, CVE-2022-22476, CVE-2022-21540 & CVE-2022-21541 Vulnerability Details CVEID:CVE-2022-21541 DESCRIPTION: An...

8.8CVSS7.2AI score0.0296EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/13 11:10 p.m.31 views

Security Bulletin: IBM Copy Services Manager is vulnerable to a remote attack vulnerabilities due to IBM WebSphere Application Server Liberty vulnerabilities (CVE-2022-22476)

Summary IBM Copy Services Manager is vulnerable to the listed attack vectors in the bundled depencency IBM Websphere Application Server Liberty. IBM Websphere Application Server Liberty is used by IBM Copy Services Manager to serve application content. The following vulnerabilities have been...

8.8CVSS7.1AI score0.0077EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/07 6:58 p.m.28 views

Security Bulletin: IBM Virtualization Engine TS7700 is vulnerable to multiple threats due to use of IBM WebSphere Application Server Liberty (CVE-2022-34165, CVE-2022-22476)

Summary IBM Virtualization Engine TS7700 is vulnerable to HTTP header injection CVE-2022-34165 and identity spoofing CVE-2022-22476 due to the use of IBM WebSphere Application Server Liberty. WebSphere Application Server Liberty is used by the TS7700 to provide the Management Interface. IBM...

8.8CVSS6.9AI score0.0077EPSS
Exploits0Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/29 12:50 p.m.67 views

Security Bulletin: A vulnerability in IBM WebSphere Application Server Liberty profile affects IBM Operations Analytics Predictive Insights(CVE-2022-22393 CVE-2022-22476 CVE-2022-22475)

Summary Websphere Application Server Liberty profile is used in the UI component of IBM Operations Analytics Predictive Insights. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2022-22476 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and...

8.8CVSS6.9AI score0.0077EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/04 11:6 a.m.40 views

Security Bulletin: An identity spoofing vulnerability in IBM WebSphere Application Server Liberty (CVE-2022-22476) affects CICS Transaction Gateway

Summary An identity spoofing vulnerability exists in IBM WebSphere Application Server Liberty used by CICS Transaction Gateway. CICS Transaction Gateway has addressed the vulnerability CVE-2022-22476 Vulnerability Details CVEID:CVE-2022-22476 DESCRIPTION: IBM WebSphere Application Server Liberty...

8.8CVSS6.4AI score0.0077EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/03 8:46 a.m.28 views

Security Bulletin: IBM Security Verify Governance is vulnerable to identity spoofing due to use of IBM WebSphere Application Server Liberty (CVE-2022-22476)

Summary IBM Security Verify Governance uses IBM WebSphere Application Server Liberty which is vulnerable to identity spoofing by an authenticated user using a specially crafted request CVE-2022-22476. The fix includes upgrading IBM WebSphere Application Server Liberty with the security patch...

8.8CVSS6.5AI score0.0077EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/27 10:18 a.m.41 views

Security Bulletin: IBM MQ is affected by an identity spoofing issue in IBM WebSphere Application Server Liberty (CVE-2022-22476)

Summary An issue was identified in IBM WebSphere Application Server Liberty which IBM MQ ships and uses to supply MQ Console and MQ REST API functionality. Vulnerability Details CVEID:CVE-2022-22476 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty a...

8.8CVSS6.5AI score0.0077EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/20 12:19 p.m.50 views

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from containerd, gnupg2, runc and IBM WebSphere Application Server Liberty

Summary Multiple issues were identified in Red Hat UBIubi8/ubi-minimal v8.6-x packages containerd, gnupg2, runc and IBM WebSphere Application Server Liberty that were shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. Vulnerability Details CVEID:CVE-2022-23648 DESCRIPTION...

8.8CVSS7.6AI score0.27392EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/07 4:1 p.m.26 views

Security Bulletin: Liberty for Java for IBM Cloud is vulnerable to Identity Spoofing (CVE-2022-22476)

Summary Liberty for Java for IBM Cloud is vulnerable to identity spoofing with the appSecurity-1.0, appSecurity-2.0, appSecurity-3.0 or appSecurity-4.0 feature enabled. This has been addressed. Vulnerability Details CVEID:CVE-2022-22476 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0...

8.8CVSS6.9AI score0.0077EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/06 4:45 a.m.41 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Liberty shipped with IBM Business Automation Workflow (CVE-2022-22476)

Summary WebSphere Application Server Liberty is shipped as part of IBM Business Automation Workflow containers and as part of the optional components Process Federation Server since 8.5.6, and User Management Service since 18.0.0.1 in IBM Business Automation Workflow traditional. Information abou...

8.8CVSS6.8AI score0.0077EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/29 12:5 a.m.27 views

Security Bulletin: Vulnerabilities in IBM Java Runtime and IBM WebSphere Application Server Liberty affect IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Environments

Summary IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Environments may be affected by the below IBM Java and IBM WebSphere Application Server Liberty vulnerabilities CVEs. Vulnerability Details CVEID:CVE-2022-22476...

8.8CVSS6.7AI score0.02805EPSS
Exploits0Affected Software3
Rows per page
Query Builder