EUVD-2020-26234

Malware in sbrugna...

EUVD-2018-12401

Malware in sbrugna...

Security Bulletin: Vulnerabilities in Apache Tomcat affect the IBM FlashSystem models 840 and 900

Summary There are vulnerabilities in Apache Tomcat to which the IBM® FlashSystem™ 840 and FlashSystem™ 900 are susceptible. An exploit of these vulnerabilities CVE-2016-6816, CVE-2016-6817, and CVE-2016-6796 could allow a remote attacker to obtain sensitive information, cause an application to...

Security Bulletin: A Vulnerability in Apache Tomcat affects the IBM FlashSystem models 840 and 900

Summary There is a vulnerability in Apache Tomcat to which the IBM® FlashSystem™ 840 and FlashSystem™ 900 are susceptible. An exploit of this vulnerability CVE-2017-6056 could allow a remote attacker to wage a denial of service attack. Vulnerability Details CVEID: CVE-2017-6056 DESCRIPTION: Apach...

Security Bulletin: Vulnerability in Mozilla NSS affects the IBM FlashSystem models 840 and 900

Summary There is a vulnerability in Mozilla Network Security Services NSS to which the IBM® FlashSystem™ 840 and FlashSystem™ 900 are susceptible. An exploit of this vulnerability CVE-2017-7502 could to cause a denial of service. Vulnerability Details CVEID: CVE-2017-7502 DESCRIPTION: Mozilla...

Security Bulletin: A vulnerability in Java affects the IBM FlashSystem 840 and 900

Summary There is a vulnerability in Java to which the IBM FlashSystem™ 840 and FlashSystem 900 are susceptible CVE-2019-2602. An exploit of CVE-2019-2602 could make the system susceptible to a denial of service attack. Vulnerability Details CVEID: CVE-2019-2602 DESCRIPTION: An unspecified...

Security Bulletin: Vulnerabilities in Apache Struts affect the IBM FlashSystem models 840 and 900 (CVE-2016-0785 CVE-2016-2162)

Summary Open Source Apache Struts vulnerabilities were disclosed in March 2016. Struts is used by IBM® FlashSystem™ 840 and IBM FlashSystem 900 in its Service Assistant GUI. Vulnerability Details CVEID: CVE-2016-0785 DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary co...

Security Bulletin: A vulnerability in OpenSSL affects the IBM FlashSystem models 840 and 900 (CVE-2016-2107)

Summary There is a vulnerability in open source OpenSSL to which the IBM® FlashSystem™ 840 and IBM FlashSystem 900 are susceptible. An exploit of this vulnerability could allow a remote user with the ability to conduct a man-in-the-middle attack to decrypt traffic. Vulnerability Details CVEID:...

Security Bulletin: Vulnerability in IBM Java Runtime affects the IBM FlashSystem models 840 and 900 (CVE-2016-0475).

Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7 that is used by IBM® FlashSystem™ 840 and IBM FlashSystem 900. These issues were disclosed as part of the IBM Java SDK updates in January 2016. IBM FlashSystem 840 and IBM FlashSystem 900 have...

Security Bulletin: A vulnerability in Apache Tomcat affects the IBM FlashSystem 840 and 900

Summary A vulnerability exists in Apache Tomcat to which the IBM FlashSystem™ 840 and FlashSystem 900 are susceptible CVE-2018-11784. An exploit of this vulnerability could allow a remote attacker to redirect a user to arbitrary websites. Vulnerability Details CVEID: CVE-2018-11784 DESCRIPTION:...

Security Bulletin: Vulnerabilities in OpenSSL affect the IBM FlashSystem models 840 and 900 ( CVE-2016-0705, CVE-2016-0797 )

Summary There are vulnerabilities in OpenSSL to which the IBM® FlashSystem™ 840 and IBM FlashSystem 900 are susceptible. An exploit of these vulnerabilities could allow a remote attacker to corrupt memory and/or cause a denial of service. Vulnerability Details CVEID: CVE-2016-0705 DESCRIPTION:...

Security Bulletin: A vulnerability in Network Security Services (NSS) affects the IBM FlashSystem models 840 and 900 (CVE-2015-2730)

Summary There is a vulnerability in Network Security Services NSS to which the IBM® FlashSystem™ 840 and IBM FlashSystem 900 are susceptible. An exploit of this vulnerability could allow a remote attacker could exploit this vulnerability to forge signatures. Vulnerability Details CVEID:...

Security Bulletin: A vulnerability in Apache Struts affects the IBM FlashSystem models 840 and 900

Summary There is a vulnerability in Apache Struts to which the IBM® FlashSystem™ 840 and FlashSystem™ 900 is susceptible. An exploit of this vulnerability CVE-2017-5638 could allow a remote attacker to execute arbitrary code on the system Vulnerability Details CVEID: CVE-2017-5638 DESCRIPTION:...

Security Bulletin: Vulnerabilities in OpenSSH affect the IBM FlashSystem models 840 and 900

Summary There are vulnerabilities in OpenSSH to which the IBM® FlashSystem™ 840 and FlashSystem 900 are susceptible. An exploit of these vulnerabilities CVE-2015-6563 and CVE-2015-6564 could allow a remote attacker to bypass security restrictions to gain elevated privileges or conduct an...

Security Bulletin: A vulnerability in IBM SDK Java Technology Edition that is used by the IBM FlashSystem 840 and IBM FlashSystem 900 (CVE-2015-4872)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition that is used by the IBM® FlashSystem™ 840 and IBM FlashSystem 900. This issue were disclosed as part of the IBM Java SDK updates for October 2015. An exploit of this vulnerability could cause a partial integrity impact...

Security Bulletin: A vulnerability exists in the restricted shell of the IBM FlashSystem 900

Summary A vulnerability exists in the IBM FlashSystem 900 restricted shell CVE-2021-29873. An exploit of this vulnerability could allow an authenticated attacker to access sensitive information or cause a denial of service. Vulnerability Details CVEID: CVE-2021-29873 DESCRIPTION: IBM Flash System...

Security Bulletin: A vulnerability exists in the management GUI of the IBM FlashSystem 900

Summary A vulnerability CVE-2020-4987 affects the IBM FlashSystem model 900 management GUI. Vulnerability Details CVEID: CVE-2020-4987 DESCRIPTION: IBM FlashSystem 900 user management GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript...

IBM FlashSystem 900 Cross-Site Scripting Vulnerability

IBM FlashSystem 900 is a software application from IBM, USA. Provides a subtle delay. A cross-site scripting vulnerability exists in IBM FlashSystem 900 versions 1.5.2.9 and 1.6.1.3 that allows an attacker to alter the intended functionality by embedding arbitrary JavaScript code in the Web UI,...

CVE-2020-4987

The IBM FlashSystem 900 user management GUI is vulnerable to stored cross-site scripting in code versions 1.5.2.8 and prior and 1.6.1.2 and prior. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

CVE-2020-4987

The IBM FlashSystem 900 user management GUI is vulnerable to stored cross-site scripting in code versions 1.5.2.8 and prior and 1.6.1.2 and prior. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...