12 matches found
Security Bulletin: IBM Engineering Lifecycle Management - Engineering Test management is impacted by vulnerabilities in Eclipse Paho Java client library
Summary A vulnerability has been identified in Eclipse Paho Java client library, which is used in IBM Engineering Lifecycle Management - Engineering Test management Vulnerability Details CVEID:CVE-2019-11777 DESCRIPTION: In the Eclipse Paho Java client library version 1.2.0, when connecting to an...
Security Bulletin: IBM Engineering Lifecycle Management - Jazz Foundation is impacted by vulnerabilities in Eclipse Paho Java client library
Summary A vulnerability has been identified in Eclipse Paho Java client library, which is used in IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2019-11777 DESCRIPTION: In the Eclipse Paho Java client library version 1.2.0, when connecting to an MQTT serve...
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in WebSphere Application Server Liberty
Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of WebSphere Application Server Liberty. Vulnerability Details CVEID:CVE-2022-22476 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to identity...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Liberty shipped with IBM Tivoli Netcool Impact (CVE-2019-11777)
Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details...
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs
Summary The following CVEs are fixed in 3.5: CVE-2019-11777, CVE-2022-22475 Vulnerability Details CVEID:CVE-2019-11777 DESCRIPTION: Eclipse Paho Java client could allow a remote attacker to bypass security restrictions, caused by the failure to check the result when connecting to an MQTT server...
Security Bulletin: IBM PowerVM Novalink is vulnerable because IBM WebSphere Application Server Liberty vulnerable, Eclipse Paho Java client could allow a remote attacker to bypass security restrictions.
Summary BM PowerVM Novalink is vulnerable because IBM WebSphere Application Server Liberty vulnerable, Eclipse Paho Java client could allow a remote attacker to bypass security restrictions, caused by the failure to check the result when connecting to an MQTT server using TLS and setting a host...
Security Bulletin: IBM WebSphere Application Server Liberty for IBM i is vulnerable to identity spoofing with authenticated user and ability to bypass security restrictions due to Eclipse Paho Java client (CVE-2019-11777, CVE-2022-22476)
Summary IBM WebSphere Application Server Liberty for IBM i is vulnerable to identity spoofing by an authenticated user CVE-2022-22476 and the ability to bypass security restrictions due to Eclipse Paho Java client CVE-2019-11777 as described in the vulnerability details section. IBM i has address...
IBM WebSphere Application Server Liberty 17.0.0.3 < 22.0.0.8 (6602039)
The version of IBM WebSphere Application Server Liberty running on the remote host is affected by a vulnerability as referenced in the 6602039 advisory. - In the Eclipse Paho Java client library version 1.2.0, when connecting to an MQTT server using TLS and setting a host name verifier, the resul...
CVE-2019-11777
In the Eclipse Paho Java client library version 1.2.0, when connecting to an MQTT server using TLS and setting a host name verifier, the result of that verification is not checked. This could allow one MQTT server to impersonate another and provide the client library with incorrect information...
Improper Handling of Exceptional Conditions and Origin Validation Error in Eclipse Paho Java client library
In the Eclipse Paho Java client library version 1.2.0, when connecting to an MQTT server using TLS and setting a host name verifier, the result of that verification is not checked. This could allow one MQTT server to impersonate another and provide the client library with incorrect information...
GHSA-63QC-P2X4-9FGF Improper Handling of Exceptional Conditions and Origin Validation Error in Eclipse Paho Java client library
In the Eclipse Paho Java client library version 1.2.0, when connecting to an MQTT server using TLS and setting a host name verifier, the result of that verification is not checked. This could allow one MQTT server to impersonate another and provide the client library with incorrect information...
CVE-2019-11777
In the Eclipse Paho Java client library version 1.2.0, when connecting to an MQTT server using TLS and setting a host name verifier, the result of that verification is not checked. This could allow one MQTT server to impersonate another and provide the client library with incorrect information...