23 matches found
Security Bulletin: Security vulnerabilities fixed in IBM WebSphere Operational Decision Management and IBM WebSphere ILOG JRules
Abstract List of security vulnerabilities fixed in WebSphere Operational Decision Management V7.5 and V8.0 and WebSphere ILOG JRules 7.1 Content VULNERABILITY DETAILS: CVE ID:CVE-2012-2161 DESCRIPTION: The IEHS IBM Eclipse Help System component has a cross-site scripting vulnerability CVSS: CVSS...
Security Bulletin: Vulnerability in IBM Analytical Decision Management (CVE-2013-4047, CVE-2013-4048, CVE-2013-4049 & CVE-2013-5369)
Abstract Vulnerabilities have been identified in IBM Analytical Decision Management which make the product vulnerable to attacks using script injection and remote code execution. Content VULNERABILITY DETAILS: CVE ID:CVE-2013-4047 DESCRIPTION: If an attacker was able to trick a user into clicking...
A Bootiful Podcast: Flowable founder Joram Barrez on a Bootiful Podcast on workflow, business process management, and more
Hi, Spring fans! In this installment, Josh Long @starbuxman talks to Flowable founder Joram Barrez @jbarrez about workflow, business process management BPM, decision management, rules, and so much more...
Moderate: Red Hat Security Advisory: Red Hat Decision Manager 7.12.1 security update
An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...
Security Bulletin: Vulnerability in Apache Log4j affects IBM Analytical Decision Management (CVE-2021-4104)
Summary There is a vulnerability in the Apache Log4j open source library which is used by IBM Analytical Decision Management for logging of messages and traces. This issue has been addressed. Vulnerability Details CVEID: CVE-2021-4104 DESCRIPTION: Apache Log4j could allow a remote attacker to...
Moderate: Red Hat Security Advisory: Red Hat Decision Manager 7.11.0 security update
An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...
Important: Red Hat Security Advisory: Red Hat Decision Manager 7.10.0 security update
An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links i...
Important: Red Hat Security Advisory: Red Hat Decision Manager 7.7.0 Security Update
An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...
Moderate: Red Hat Security Advisory: Red Hat Decision Manager 7.6.0 Security Update
An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...
Important: Red Hat Security Advisory: Red Hat Decision Manager 7.5.0 Security Update
An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links i...
CVE-2018-1821
IBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9 is vulnerable to a XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150170...
CVE-2018-1821
IBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9 is vulnerable to a XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150170...
Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Operational Decision Manager (CVE-2016-5597, CVE-2016-5542)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6,7 and 8 that is used by IBM Operational Decision Manager ODM. These issues were disclosed as part of the IBM Java SDK updates in October 2016. Vulnerability Details CVEID: CVE-2016-5597 DESCRIPTION: An...
Security Bulletin: IBM Operational Decision Manager and WebSphere ILOG JRules: Multiple security vulnerabilities in IBM JRE
Summary This Security Bulletin addresses the security vulnerabilities that have shipped with the IBM Java Runtime Environment JRE included in IBM Operational Decision Manager and IBM ILOG JRules. IBM ODM and ILOG JRules now include the most recent version of the IBM JRE which fixes the security...
CVE-2014-6114
The Hosted Transparent Decision Service in the Rule Execution Server in IBM WebSphere ILOG JRules 7.1 before MP1 FP5 IF43; WebSphere Operational Decision Management 7.5 before FP3 IF41; and Operational Decision Manager 8.0 before MP1 FP2 IF34, 8.5 before MP1 FP1 IF43, and 8.6 before IF8 allows...
CVE-2014-6114
The Hosted Transparent Decision Service in the Rule Execution Server in IBM WebSphere ILOG JRules 7.1 before MP1 FP5 IF43; WebSphere Operational Decision Management 7.5 before FP3 IF41; and Operational Decision Manager 8.0 before MP1 FP2 IF34, 8.5 before MP1 FP1 IF43, and 8.6 before IF8 allows...
CVE-2013-5369
IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service...
Code injection
IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service...
Cross site scripting
Cross-site scripting XSS vulnerability in IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 allows remote attackers to inject arbitrary web script or HTML via a crafted link...
CVE-2013-4047
IBM Analytical Decision Management (versions 6.0–7) contains CVE-2013-4047, a cross-site scripting (XSS) vulnerability exploitable via a crafted link that allows remote attackers to run script or HTML in a user’s browser. The IBM security bulletin documents the related set of vulnerabilities (CVE...