Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/09/28 3:14 a.m.68 views

Security Bulletin: Due to use of Apache Pulsar, IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library is vulnerable to a security restrictions bypass.

Summary Pulsar is used by IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library. CVE-2023-30428, CVE-2023-30429, CVE-2023-37579 and CVE-2023-31007 The below vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-30428 DESCRIPTION: Apache Pulsar could allow a...

9.6CVSS6.9AI score0.00733EPSS
Exploits0Affected Software2
vulnersOsv
vulnersOsv
added 2023/07/12 12:31 p.m.6 views

io.github.embedded-middleware:embedded-pulsar-core (>=0.0.4 <=0.0.5), org.apache.pulsar:pulsar-broker-auth-athenz (=2.11.0) +3 more potentially affected by CVE-2023-31007 via org.apache.pulsar:pulsar-broker (=2.11.0)

org.apache.pulsar:pulsar-broker MAVEN version =2.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.pulsar:pulsar-broker and may be impacted: - io.github.embedded-middleware:embedded-pulsar-core =0.0.4, =0.0.5 -...

6.5CVSS6.5AI score0.00722EPSS
Exploits0
NVD
NVD
added 2023/07/12 10:15 a.m.28 views

CVE-2023-31007

Improper Authentication vulnerability in Apache Software Foundation Apache Pulsar Broker allows a client to stay connected to a broker after authentication data expires if the client connected through the Pulsar Proxy when the broker is configured with authenticateOriginalAuthData=false or if a...

6.5CVSS5.6AI score0.00722EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/07/12 9:7 a.m.38 views

CVE-2023-31007 Apache Pulsar: Broker does not always disconnect client when authentication data expires

Improper Authentication vulnerability in Apache Software Foundation Apache Pulsar Broker allows a client to stay connected to a broker after authentication data expires if the client connected through the Pulsar Proxy when the broker is configured with authenticateOriginalAuthData=false or if a...

6.9AI score0.00722EPSS
Exploits0References1
CVE
CVE
added 2023/07/12 9:7 a.m.59 views

CVE-2023-31007

The CVE-2023-31007 issue is an Improper Authentication vulnerability in Apache Pulsar Broker. The root cause is that the broker may fail to disconnect a client after authentication data expires when the client connects via Pulsar Proxy with authenticateOriginalAuthData=false or when a direct conn...

6.5CVSS5.3AI score0.00722EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/12 9:7 a.m.17 views

CVE-2023-31007 Apache Pulsar: Broker does not always disconnect client when authentication data expires

Improper Authentication vulnerability in Apache Software Foundation Apache Pulsar Broker allows a client to stay connected to a broker after authentication data expires if the client connected through the Pulsar Proxy when the broker is configured with authenticateOriginalAuthData=false or if a...

7.1AI score0.00722EPSS
Exploits0References1
Rows per page
Query Builder