Lucene search
K

13 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/05/08 8:37 a.m.44 views

Security Bulletin: Atlas eDiscovery Process Management is affected by a vulnerable poi-ooxml-3.9.jar

Summary Atlas eDiscovery Process Management is affected by a vulnerable poi-ooxml-3.9.jar. Hence poi-ooxml-3.9.jar upgraded to poi-ooxml-4.0.jar to fix vulnerabilities. Vulnerability Details CVEID:CVE-2017-5644 DESCRIPTION: Apache POI is vulnerable to a denial of service, cause by an XML External...

7.1CVSS7.8AI score0.13258EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/08 8:35 a.m.48 views

Security Bulletin: Atlas eDiscovery Process Management is affected by a vulnerable org.apache.xerces_2.9.0.v201101211617-4.8.0.jar

Summary Atlas eDiscovery Process Management is affected by a vulnerable org.apache.xerces2.9.0.v201101211617-4.8.0.jar. Hence org.apache.xerces2.9.0.v201101211617-4.8.0.jar upgraded to org.apache.xerces2.12.2.v201101211617-4.8.0.jar to fix vulnerabilities. Vulnerability Details CVEID:CVE-2012-088...

7.8CVSS6.9AI score0.3038EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/28 7:57 a.m.58 views

Security Bulletin: Atlas eDiscovery Process Management(6.0.1.x and 6.0.2.x versions) is affected by a vulnerable Apache Commons Beanutils in WebSphere Application Server

Abstract This Fix Readme includes instructions to upgrading the Apache Commons Beanutils jar to v1.9.4 for Atlas eDiscovery Process Management6.0.1.x and 6.0.2.x versions Content PSIRT details: PRID: PVR0203016, Advisory ADV0020809 - Apache Commons Beanutils Vulnerability CVEID: CVE-2019-10086 CV...

7.5CVSS0.5AI score0.28839EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2020/03/06 6:28 a.m.21 views

Security Bulletin: Atlas eDiscovery Process Management is affected by a vulnerable to Apache Commons Beanutils in WebSphere Application Server

Summary In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the...

7.5CVSS1.5AI score0.28839EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 12:18 p.m.18 views

Security Bulletin: IBM Atlas eDiscovery Process Management vulnerable to SQL injection.

Summary Atlas eDiscovery Process Management has addressed vulnerablility due to SQL injection, where a remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. Vulnerability Details CVEID:...

8.8CVSS1.3AI score0.01436EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 12:18 p.m.9 views

Security Bulletin: IBM Atlas eDiscovery Process Management vulnerable to cross-site scripting.

Summary Atlas eDiscovery Process Management has addressed cross-site scripting vulnerability, which allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Due to this...

5.4CVSS0.9AI score0.00514EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 12:18 p.m.19 views

Security Bulletin: IBM Atlas eDiscovery Process Management vulnerable to unsafe third-party links.

Summary Atlas eDiscovery Process Management has addressed the following vulnerability: An authenticated attacker could obtain sensitive information when an unsuspecting user clicks on unsafe third-party links. The third-party links with target="blank" attribute and no rel="noopener noreferrer"...

3.5CVSS1.1AI score0.00683EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 12:17 p.m.20 views

Security Bulletin: OpenSource Apache Taglibs Vulnerability affects Atlas Policy Suite (CVE-2015-0254)

Summary Apache Standard Taglibs could allow a remote attacker to execute arbitrary code on the system, caused by an XML External Entity Injection XXE error when processing XML data. Vulnerability Details CVEID: CVE-2015-0254 DESCRIPTION: Apache Standard Taglibs could allow a remote attacker to...

7.5CVSS1.3AI score0.1326EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2017/12/08 12:0 a.m.3 views

IBM Atlas eDiscovery Process Management Cross-Site Scripting Vulnerability

IBM Atlas eDiscovery Process Management helps attorneys, paralegals, and evidence supervisors rigorously and logically manage legal evidence retention workflows. A cross-site scripting vulnerability exists in IBM Atlas eDiscovery Process Management 6.0.3. The vulnerability can be exploited to emb...

5.4CVSS6.2AI score0.00514EPSS
Exploits0References1
OSV
OSV
added 2017/12/07 3:29 p.m.4 views

CVE-2017-1356

IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 126683...

8.8CVSS5.9AI score0.01436EPSS
Exploits0References3
CNVD
CNVD
added 2017/12/07 12:0 a.m.6 views

IBM Atlas eDiscovery Process Management SQL Injection Vulnerability

IBM Atlas eDiscovery Process Management is a product within the Information Lifecycle Governance solution from IBM USA that is used to help attorneys, paralegals, and evidence supervisors rigorously and logically manage legal evidence retention workflows. A SQL injection vulnerability exists in I...

8.8CVSS7.8AI score0.01436EPSS
Exploits0References1
NVD
NVD
added 2014/01/10 12:2 p.m.19 views

CVE-2013-6334

IBM Atlas eDiscovery Process Management 6.0.1.5 and earlier and 6.0.2, Disposal and Governance Management for IT 6.0.1.5 and earlier and 6.0.2, and Global Retention Policy and Schedule Management 6.0.1.5 and earlier and 6.0.2 in IBM Atlas Suite aka Atlas Policy Suite do not properly validate...

6.4CVSS6.5AI score0.01358EPSS
Exploits0References3
Cvelist
Cvelist
added 2014/01/10 11:0 a.m.27 views

CVE-2013-6321

SQL injection vulnerability in IBM Atlas eDiscovery Process Management 6.0.1.5 and earlier and 6.0.2, Disposal and Governance Management for IT 6.0.1.5 and earlier and 6.0.2, and Global Retention Policy and Schedule Management 6.0.1.5 and earlier and 6.0.2 in IBM Atlas Suite aka Atlas Policy Suit...

8.2AI score0.0121EPSS
Exploits0References3
Rows per page
Query Builder