Lucene search
K

7 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/07/31 11:1 a.m.49 views

Security Bulletin: Netcool Operations Insights 1.6.13 addresses multiple security vulnerabilities.

Summary Netcool Operations Insight v1.6.13 addresses multiple security vulnerabilities, listed in the CVEs below. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2021-31684 DESCRIPTION: netplex JSON Smart is vulnerable to a denial of...

9.8CVSS10AI score0.60679EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/21 3:11 p.m.29 views

Security Bulletin: IBM Watson CP4D Data Stores is vulnerable to Elastic Elasticsearch-Hadoop arbitrary code execution vulnerabilitiy.(CVE-2023-46674)

Summary Potential Elastic Elasticsearch-Hadoop arbitrary code execution vulnerabilitiy.CVE-2023-46674has been identified that may affect IBM Watson CP4D Data Stores. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-46674...

7.8CVSS7.4AI score0.00243EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2023/12/05 6:30 p.m.4 views

ai.tripl:arc-elasticsearch-pipeline-plugin_2.11 (>=1.0.0 <=1.1.1), ai.tripl:arc-jupyter_2.11 (>=0.0.13 <=0.0.14) +12 more potentially affected by CVE-2023-46674 via org.elasticsearch:elasticsearch-hadoop (>=1.2.0 <=7.0.1)

org.elasticsearch:elasticsearch-hadoop MAVEN version =1.2.0, =1.0.0, =0.0.13, =1.13.3, =0.1.1, =0.1.1, =1.1.0.Beta1, =1.1.0.Beta1, =1.1.0.Beta1, =1.1.0.Beta1, =1.1.0.Beta1, =7.1.0.fuse-047, =7.1.0.fuse-047, =7.2.0.redhat-060 Source cves: CVE-2023-46674 Source advisory: OSV:GHSA-RV74-M283-5J95...

7.8CVSS6.7AI score0.00243EPSS
Exploits0
NVD
NVD
added 2023/12/05 6:15 p.m.27 views

CVE-2023-46674

An issue was identified that allowed the unsafe deserialization of java objects from hadoop or spark configuration properties that could have been modified by authenticated users. Elastic would like to thank Yakov Shafranovich, with Amazon Web Services for reporting this issue...

7.8CVSS0.00243EPSS
Exploits0References1
CVE
CVE
added 2023/12/05 5:21 p.m.68 views

CVE-2023-46674

CVE-2023-46674 applies to Elastic Elasticsearch-Hadoop, where unsafe deserialization of Java objects from Hadoop or Spark configuration properties that could be modified by an authenticated user enables arbitrary code execution on the target system. The issue is triggered when a local authenticat...

7.8CVSS6.6AI score0.00243EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/05 5:21 p.m.35 views

CVE-2023-46674 Elasticsearch-hadoop Unsafe Deserialization

An issue was identified that allowed the unsafe deserialization of java objects from hadoop or spark configuration properties that could have been modified by authenticated users. Elastic would like to thank Yakov Shafranovich, with Amazon Web Services for reporting this issue...

6CVSS7.9AI score0.00243EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/12/05 5:21 p.m.20 views

CVE-2023-46674 Elasticsearch-hadoop Unsafe Deserialization

An issue was identified that allowed the unsafe deserialization of java objects from hadoop or spark configuration properties that could have been modified by authenticated users. Elastic would like to thank Yakov Shafranovich, with Amazon Web Services for reporting this issue...

6CVSS7.2AI score0.00243EPSS
Exploits0References1
Rows per page
Query Builder