7 matches found
Security Bulletin: Netcool Operations Insights 1.6.13 addresses multiple security vulnerabilities.
Summary Netcool Operations Insight v1.6.13 addresses multiple security vulnerabilities, listed in the CVEs below. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2021-31684 DESCRIPTION: netplex JSON Smart is vulnerable to a denial of...
Security Bulletin: IBM Watson CP4D Data Stores is vulnerable to Elastic Elasticsearch-Hadoop arbitrary code execution vulnerabilitiy.(CVE-2023-46674)
Summary Potential Elastic Elasticsearch-Hadoop arbitrary code execution vulnerabilitiy.CVE-2023-46674has been identified that may affect IBM Watson CP4D Data Stores. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-46674...
ai.tripl:arc-elasticsearch-pipeline-plugin_2.11 (>=1.0.0 <=1.1.1), ai.tripl:arc-jupyter_2.11 (>=0.0.13 <=0.0.14) +12 more potentially affected by CVE-2023-46674 via org.elasticsearch:elasticsearch-hadoop (>=1.2.0 <=7.0.1)
org.elasticsearch:elasticsearch-hadoop MAVEN version =1.2.0, =1.0.0, =0.0.13, =1.13.3, =0.1.1, =0.1.1, =1.1.0.Beta1, =1.1.0.Beta1, =1.1.0.Beta1, =1.1.0.Beta1, =1.1.0.Beta1, =7.1.0.fuse-047, =7.1.0.fuse-047, =7.2.0.redhat-060 Source cves: CVE-2023-46674 Source advisory: OSV:GHSA-RV74-M283-5J95...
CVE-2023-46674
An issue was identified that allowed the unsafe deserialization of java objects from hadoop or spark configuration properties that could have been modified by authenticated users. Elastic would like to thank Yakov Shafranovich, with Amazon Web Services for reporting this issue...
CVE-2023-46674
CVE-2023-46674 applies to Elastic Elasticsearch-Hadoop, where unsafe deserialization of Java objects from Hadoop or Spark configuration properties that could be modified by an authenticated user enables arbitrary code execution on the target system. The issue is triggered when a local authenticat...
CVE-2023-46674 Elasticsearch-hadoop Unsafe Deserialization
An issue was identified that allowed the unsafe deserialization of java objects from hadoop or spark configuration properties that could have been modified by authenticated users. Elastic would like to thank Yakov Shafranovich, with Amazon Web Services for reporting this issue...
CVE-2023-46674 Elasticsearch-hadoop Unsafe Deserialization
An issue was identified that allowed the unsafe deserialization of java objects from hadoop or spark configuration properties that could have been modified by authenticated users. Elastic would like to thank Yakov Shafranovich, with Amazon Web Services for reporting this issue...