Lucene search
K

10 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/05/31 10:2 p.m.24 views

Security Bulletin: IBM Rational Developer for i is vulnerable to attacker obtaining sensitive information due to Java string processing in IBM Toolbox for Java (CVE-2022-43928).

Summary IBM Rational Developer for i uses the IBM Toolbox for Java to access IBM i interfaces. IBM Toolbox for Java could allow sensitive information stored as Java strings to be obtained by an attacker as described in the vulnerability details section. IBM Rational Developer for i has addressed...

6.5CVSS5.5AI score0.00638EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/30 4:16 p.m.31 views

Security Bulletin: IBM Db2 Mirror for i is vulnerable to attacker obtaining sensitive information due to Java string processing in IBM Toolbox for Java (CVE-2022-43928)

Summary IBM Db2 Mirror for i setup and GUI use the IBM Toolbox for Java to access IBM i interfaces. IBM Toolbox for Java could allow sensitive information stored as Java strings to be obtained by an attacker as described in the vulnerability details section. IBM Db2 Mirror for i has addressed the...

6.5CVSS5.5AI score0.00638EPSS
Exploits0Affected Software4
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/21 9:8 p.m.36 views

Security Bulletin: IBM i Access Client Solutions is vulnerable to an attacker obtaining sensitive information due to Java string processing in IBM Toolbox for Java (CVE-2022-43928)

Summary IBM i Access Client Solutions uses the IBM Toolbox for Java to access IBM i interfaces. IBM Toolbox for Java could allow sensitive information stored as Java strings to be obtained by an attacker as described in the vulnerability details section. IBM has addressed this CVE by providing a...

6.5CVSS5.6AI score0.00638EPSS
Exploits0Affected Software1
Circl
Circl
added 2023/04/07 6:29 p.m.8 views

CVE-2022-43928

creationtimestamp| type| source ---|---|--- 2023-04-07 18:29:21+00:00| seen| https://t.me/cibsecurity/61691...

6.5CVSS6.3AI score0.00638EPSS
Exploits0References1
OSV
OSV
added 2023/04/07 2:15 p.m.3 views

CVE-2022-43928

The IBM Toolbox for Java Db2 Mirror for i 7.4 and 7.5 could allow a user to obtain sensitive information, caused by utilizing a Java string for processing. Since Java strings are immutable, their contents exist in memory until garbage collected. This means sensitive data could be visible in memor...

6.5CVSS5.8AI score0.00638EPSS
Exploits0References2
CVE
CVE
added 2023/04/07 1:37 p.m.109 views

CVE-2022-43928

The CVE-2022-43928 entry concerns the IBM Toolbox for Java used by Db2 Mirror for i (versions 7.4 and 7.5). The issue arises from processing data with Java strings, which are immutable and remain in memory after use, allowing sensitive data to be visible for an extended time. Reliable details fro...

6.5CVSS5.4AI score0.00638EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/04/07 1:37 p.m.26 views

CVE-2022-43928 IBM Db2 Mirror for i information disclosure

The IBM Toolbox for Java Db2 Mirror for i 7.4 and 7.5 could allow a user to obtain sensitive information, caused by utilizing a Java string for processing. Since Java strings are immutable, their contents exist in memory until garbage collected. This means sensitive data could be visible in memor...

4.9CVSS6.2AI score0.00638EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/01 2:5 a.m.30 views

Security Bulletin: IBM Administration Runtime Expert for i is vulnerable to attacker obtaining sensitive information due to Java string processing in IBM Toolbox for Java (CVE-2022-43928)

Summary IBM Administration Runtime Expert for i uses the IBM Toolbox for Java to access IBM i interfaces. IBM Toolbox for Java could allow sensitive information stored as Java strings to be obtained by an attacker as described in the vulnerability details section. IBM Administration Runtime Exper...

6.5CVSS5.5AI score0.00638EPSS
Exploits0Affected Software4
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/30 8:16 p.m.29 views

Security Bulletin: IBM Db2 Web Query for i is vulnerable to attacker obtaining sensitive information due to Java string processing in IBM Toolbox for Java (CVE-2022-43928)

Summary Db2 Web Query uses the IBM Toolbox for Java to access IBM i interfaces. IBM Toolbox for Java could allow sensitive information stored as Java strings to be obtained by an attacker as described in the vulnerability details section. Db2 Web Query has addressed the vulnerability with a fix a...

6.5CVSS5.5AI score0.00638EPSS
Exploits0Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/30 8:1 p.m.57 views

Security Bulletin: IBM Navigator for i and IBM Digital Certificate Manager for i are vulnerable to attacker obtaining sensitive information due to Java string processing in IBM Toolbox for Java (CVE-2022-43928).

Summary IBM Navigator for i and IBM Digital Certificate Manager for i use the IBM Toolbox for Java to access IBM i interfaces. IBM Toolbox for Java could allow sensitive information stored as Java strings to be obtained by an attacker as described in the vulnerability details section. IBM Navigat...

6.5CVSS5.6AI score0.00638EPSS
Exploits0Affected Software4
Rows per page
Query Builder