43 matches found
EUVD-2014-0972
Malware in sbrugna...
EUVD-2014-0971
Malware in sbrugna...
Security Bulletin: Due to use of Apache Struts, Netcool Operation Insight is vulnerable to arbitrary code execution.
Summary Apache Struts is used by Netcool Operations Insight as part of internal services CVE-2023-50164 This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-50164 DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary...
Security Bulletin: Multiple Vulnerabilities in Node.js affects IBM Netcool Agile Service Manager
Summary Multiple vulnerabilities in Node.js used by IBM Netcool Agile Service Manager have been identified. Netcool Agile Service Manager has addressed these CVEs. Vulnerability Details CVEID: CVE-2021-3450 DESCRIPTION: OpenSSL could allow a remote attacker to bypass security restrictions, caused...
Security Bulletin: Due to use of Apache Log4j, IBM Netcool/OMNIbus Probe DSL Factory Framework is vulnerable to arbitrary code execution (CVE-2022-23302, CVE-2022-23307) and SQL injection (CVE-2022-23305)
Summary Apache Log4j CVE-2022-23302, CVE-2022-23305, CVE-2022-23307 is a dependency component shipped with the IBM Netcool/OMNIbus Probe DSL Factory Framework. The latest patch upgraded to Apache Log4j 2.17.1 that remediates the security vulnerabilities. Vulnerability Details CVEID: CVE-2022-2330...
Security Bulletin: Vulnerability in Apache Log4j affects Netcool Operation Insight (CVE-2021-44228)
Summary A vulnerability was identified within the Apache Log4j library that is used by Netcool Operation Insight to provide logging functionality. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute...
Security Bulletin: IBM Netcool Agile Service Manager is vulnerable to arbitrary code execution and denial of service due to Apache Log4j (CVE-2021-44832, CVE-2021-45046, CVE-2021-45105)
Summary Apache Log4j is used by IBM Netcool Agile Service Manager as part of its logging infrastructure. The fix includes Apache Log4j v2.17.1. Vulnerability Details CVEID: CVE-2021-44832 DESCRIPTION: Apache Log4j could allow a remote attacker with permission to modify the logging configuration...
Security Bulletin: IBM Netcool Agile Service Manager is affected by a vulnerability in Apache Log4j (CVE-2021-44228)
Summary A vulnerability was identified within the Apache Log4j library that is used by IBM Netcool Agile Service Manager. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Netcool Agile Service Manager
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Netcool Agile Service Manager. IBM Netcool Agile Service Manager has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14782 DESCRIPTION: An unspecified vulnerability in Java SE...
Security Bulletin: Vulnerabilities affect IBM Netcool Agile Service Manager
Summary Vulnerabilities exist in IBM Netcool Agile Service Manager, these have been addressed. Vulnerability Details CVEID: CVE-2021-21290 DESCRIPTION: Netty could allow a local authenticated attacker to obtain sensitive information, caused by an insecure temp file in Unix-like systems. By sendin...
Security Bulletin: Netcool Operations Insights - akora_config.json page caching header not set
Summary It was observed that the Netcool Operations Insights akoraconfig.json page caching header was not set in the node server. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- Netcoo...
Security Bulletin: Netcool Operations Insights - Private IP Address Disclosed
Summary It was observed that the private IP address was disclosed in HTTP responses. Although various methods exist by which an attacker can determine the public IP addresses in use by an organization, the private addresses used internally cannot usually be determined in the same ways...
Security Bulletin: Netcool Operations Insight - Missing or insecure headers
Summary AppScan detected multiple low severity http header issues. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- Netcool Operations Insight| 1.4.x Netcool Operations Insight| 1.5.x...
Security Bulletin: Vulnerability in Node.js affects IBM Netcool Agile Service Manager
Summary A vulnerability in Node.js used by IBM Netcool Agile Service Manager has been identified. Netcool Agile Service Manager has addressed the CVE. Vulnerability Details CVEID: CVE-2020-8201 DESCRIPTION: Node.js is vulnerable to HTTP request smuggling, caused by CR-to-Hyphen conversion. By...
Security Bulletin: Version 6.4.6 of Node.js module nodemailer included in IBM Netcool Operations Insight 1.6.2.x has a security vulnerability
Summary Security Bulletin: Version 6.4.6 of Node.js module nodemailer included in IBM Netcool Operations Insight 1.6.2.x has a security vulnerability Vulnerability Details CVEID: CVE-2020-7769 DESCRIPTION: Nodejs could allow a remote attacker to execute arbitrary commands on the system, caused by...
Security Bulletin: Version 12.18.0 of Node.js included in IBM Netcool Operations Insight 1.6.2.x has several security vulnerabilities
Summary Security Bulletin: Version 12.18.0 of Node.js included in IBM Netcool Operations Insight 1.6.2.x has several security vulnerabilities Vulnerability Details CVEID: CVE-2020-8251 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by delayed unfinished HTTP/1.1 requests...
Security Bulletin: Version 12.18.4 of Node.js included in IBM Netcool Operations Insight 1.6.2.x has a security vulnerability
Summary Security Bulletin: Version 12.18.4 of Node.js included in IBM Netcool Operations Insight 1.6.2.x has a security vulnerability Vulnerability Details CVEID: CVE-2020-8277 DESCRIPTION: Node.js is vulnerable to a denial of service. By getting the application to resolve a DNS record with a...
Security Bulletin: Version 0.11.4 of Node.js module object-path included in IBM Netcool Operations Insight 1.6.2.x has a security vulnerability
Summary Security Bulletin: Version 0.11.4 of Node.js module object-path included in IBM Netcool Operations Insight 1.6.2.x has a security vulnerability Vulnerability Details CVEID: CVE-2020-15256 DESCRIPTION: Node.js object-path module could allow a remote attacker to execute arbitrary code on th...
Security Bulletin: A vulnerability have been identified in jwt-go shipped with IBM Netcool Operations Insight Event Integrations Operator (CVE-2020-26160)
Summary jwt-go is a dependency shipped with IBM Netcool Operations Insight Event Integrations Operator. Information about the security vulnerability affecting jwt-go has been published. CVE-2020-26160 Vulnerability Details CVEID: CVE-2020-26160 DESCRIPTION: jwt-go could allow a remote attacker to...
Security Bulletin: Version 4.0.2 of Node.js module bl included in IBM Netcool Operations Insight 1.6.1.x has a security vulnerability
Summary Security Bulletin: Version 4.0.2 of Node.js module bl included in IBM Netcool Operations Insight 1.6.1.x has a security vulnerability Vulnerability Details CVEID: CVE-2020-8244 DESCRIPTION: Node.js bl module could allow a remote attacker to obtain sensitive information, caused by a buffer...