Lucene search
+L

5 matches found

ibm
ibm
added 2023/09/28 3:14 a.m.69 views

Security Bulletin: Due to use of Apache Pulsar, IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library is vulnerable to a security restrictions bypass.

Summary Pulsar is used by IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library. CVE-2023-30428, CVE-2023-30429, CVE-2023-37579 and CVE-2023-31007 The below vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-30428 DESCRIPTION: Apache Pulsar could allow a...

9.6CVSS6.9AI score0.01035EPSS
Exploits0Affected Software2
nvd
nvd
added 2023/07/12 10:15 a.m.31 views

CVE-2023-30429

Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar. This issue affects Apache Pulsar: before 2.10.4, and 2.11.0. When a client connects to the Pulsar Function Worker via the Pulsar Proxy where the Pulsar Proxy uses mTLS authentication to authenticate with the Pulsar...

9.6CVSS9.5AI score0.01035EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2023/07/12 9:8 a.m.13 views

CVE-2023-30429 Apache Pulsar: Incorrect Authorization for Function Worker when using mTLS Authentication through Pulsar Proxy

Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar. This issue affects Apache Pulsar: before 2.10.4, and 2.11.0. When a client connects to the Pulsar Function Worker via the Pulsar Proxy where the Pulsar Proxy uses mTLS authentication to authenticate with the Pulsar...

9.6CVSS9.5AI score0.01035EPSS
Exploits0References1
cve
cve
added 2023/07/12 9:8 a.m.84 views

CVE-2023-30429

CVE-2023-30429 - Apache Pulsar Incorrect Authorization : Affects Pulsar Function Worker when connecting through a Pulsar Proxy with mTLS; the worker uses the Proxy’s role for authorization instead of the client’s, enabling privilege escalation. Affected: Pulsar Function Worker versions before 2.1...

9.6CVSS9.2AI score0.01035EPSS
Exploits0References1Affected Software1
osv
osv
added 2023/07/12 9:8 a.m.20 views

CVE-2023-30429 Apache Pulsar: Incorrect Authorization for Function Worker when using mTLS Authentication through Pulsar Proxy

Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar. This issue affects Apache Pulsar: before 2.10.4, and 2.11.0. When a client connects to the Pulsar Function Worker via the Pulsar Proxy where the Pulsar Proxy uses mTLS authentication to authenticate with the Pulsar...

9.6CVSS7.2AI score0.01035EPSS
Exploits0References3
Rows per page
Query Builder