Lucene search
+L

11 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/04/11 1:17 p.m.33 views

Security Bulletin: IBM Sterling B2B Integrator B2B API vulnerable to multiple issues due to Apache CXF

Summary IBM Sterling B2B Integrator uses Apache CXF. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2022-46363 DESCRIPTION: Apache CXF could allow a remote attacker to obtain sensitive information, caused by a flaw when the CXFServlet is...

9.8CVSS9.1AI score0.07024EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/14 7:45 p.m.30 views

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Summary IBM Security Guardium has addressed these vulnerabilities in an update. Vulnerability Details CVEID: CVE-2022-46363 DESCRIPTION: Apache CXF could allow a remote attacker to obtain sensitive information, caused by a flaw when the CXFServlet is configured with both the static-resources-list...

7.5CVSS8.5AI score0.20459EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/05 1:29 p.m.55 views

Security Bulletin: Vulnerability found in cxf-rt-transports-http-3.5.3.jar which is shipped with IBM® Intelligent Operations Center(CVE-2022-46363)

Summary Vulnerability have been identified in cxf-rt-transports-http-3.5.3.jar which is shipped with IBM® Intelligent Operations Center. Information about this vulnerability affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...

7.5CVSS8.4AI score0.01193EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/21 12:8 p.m.65 views

Security Bulletin: IBM Sterling Global Mailbox is vulnerable to sensitive data exposure due to Apache CXF (CVE-2022-46363)

Summary A security vulnerability has been identified and addressed in Apache CXF shipped with IBM Sterling Global Mailbox. Vulnerability Details CVEID:CVE-2022-46363 DESCRIPTION: Apache CXF could allow a remote attacker to obtain sensitive information, caused by a flaw when the CXFServlet is...

7.5CVSS8.3AI score0.01193EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2023/06/15 3:23 p.m.62 views

Important: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.18.3 Patch 2 release

Camel for Spring Boot 3.18.3 Patch 2 release and security update is now available. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

9.8CVSS6.8AI score0.19653EPSS
Exploits16References18
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/03 6:1 p.m.30 views

Security Bulletin: IBM ECM Content Management Interoperability Services (CMIS) cfx-core security vulnerabilities CVE-2022-46363, CVE-2022-46364

Summary IBM ECM Content Management Interoperability Services CMIS cfx-core security vulnerabilities CVE-2022-46363, CVE-2022-46364, affected, not vulnerable Vulnerability Details CVEID:CVE-2022-46363 DESCRIPTION: Apache CXF could allow a remote attacker to obtain sensitive information, caused by ...

9.8CVSS8.9AI score0.0193EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/30 9:16 p.m.42 views

Security Bulletin: IBM Tivoli Business Service Manager is vulnerable to remote code execution due to Apache CXF (CVE-2022-46363)

Summary Apache CXF is shipped with IBM Tivoli Business Manager 6.2.0 as part of its web service infrastructure. Information about security vulnerabilities affecting Apache CXF has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-46363 DESCRIPTION: Apache CXF could allow...

7.5CVSS8.6AI score0.01193EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2023/01/30 5:12 p.m.54 views

Important: Red Hat Security Advisory: Red Hat Camel for Spring Boot 3.14.5 Patch 1 release and security update

A patch is now available for Camel for Spring Boot 3.14.5. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS bas...

9.8CVSS6.8AI score0.0193EPSS
Exploits7References6
RedHat Linux
RedHat Linux
added 2023/01/26 9:55 p.m.82 views

Critical: Red Hat Security Advisory: Red Hat Fuse 7.11.1.P1 security update

A security update for Fuse 7.11.1 is now available for Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of...

9.8CVSS6.8AI score0.0193EPSS
Exploits6References5
vulnersOsv
vulnersOsv
added 2022/12/13 3:30 p.m.11 views

be.atbash.test:integration-testing (>=1.0.0 <=1.1.0), com.codbex.chronos:codbex-chronos-platform (>=0.3.0 <=0.5.4) +1091 more potentially affected by CVE-2022-46363 via org.apache.cxf:cxf-core (>=3.5.0 <=3.5.4)

org.apache.cxf:cxf-core MAVEN version =3.5.0, =1.0.0, =0.3.0, =0.3.0, =0.5.3, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.3.0 and more Source cves: CVE-2022-46363 Source advisory: OSV:GHSA-3W37-5P3P-JV92...

7.5CVSS6.5AI score0.01193EPSS
Exploits1
CVE
CVE
added 2022/12/13 2:46 p.m.350 views

CVE-2022-46363

CVE-2022-46363 involves Apache CXF. The vulnerability arises when CXFServlet is configured with both static-resources-list and redirect-query-check attributes, enabling remote directory listing or code exfiltration. Affected CXF versions are pre-3.5.5 and pre-3.4.10. The IBM security bulletin cor...

7.5CVSS8.4AI score0.01193EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder