18 matches found
Security Bulletin: Vulnerabilities in Java affect IBM WIoTP MessageGateway (CVE-2021-213)
Summary There is a vulnerabilities in Java that affects IBM WIoTP MessageGateway. Vulnerability Details CVEID:CVE-2021-2163 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high...
Security Bulletin: Vulnerabilities in openSSL and WebSphere Liberty affect IBM WIoTP MessageGateway (CVE-2022-22476 CVE-2019-11777 CVE-2022-22475 CVE-2022-2097 CVE-2022-2068 CVE-2022-1292)
Summary There is a vulnerabilities in OpenSSL and WebSphere Liberty that affect IBM WIoTP MessageGateway. Vulnerability Details CVEID:CVE-2022-2097 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by improper encryption of data by the AES OCB mode for...
Security Bulletin: OpenSSL publicly disclosed vulnerability affects MessageGateway (CVE-2021-3711)
Summary MessageGateway has addressed the following vulnerabilityies by updating the version of OpenSSL. Vulnerability Details CVEID: CVE-2021-3711 DESCRIPTION: OpenSSL is vulnerable to a buffer overflow, caused by improper bounds checking by the EVPPKEYdecrypt function within implementation of th...
Security Bulletin: OpenSSL publicly disclosed vulnerability affects MessageGateway (CVE-2021-3712)
Summary MessageGateway has addressed the following vulnerabilityies by updating the version of OpenSSL. Vulnerability Details CVEID: CVE-2021-3712 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read when processing ASN.1 strings. By...
Security Bulletin: OpenSSL publicly disclosed vulnerability affects MessageGateway (CVE-CVE-2021-3449)
Summary MessageGateway has addressed the following vulnerability by updating the version of OpenSSL. Vulnerability Details CVEID: CVE-2021-3449 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in signaturealgorithms processing. By sending a specially...
Security Bulletin: OpenSSL publicly disclosed vulnerability affects MessageGateway (CVE-2020-1971)
Summary MessageGateway has addressed the following vulnerabilityies by updating the version of OpenSSL. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the GENERALNAMEcmp function contain an EDIPARTYNAM...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM MessageGateway (CVE-2020-14803, CVE-2020-27221)
Summary There are multiple vulnerabilities in IBM Runtime Environment Java Version 8.0 used by IBM MessageGateway These issues were disclosed as part of the IBM Java SDK updates in January, 2021. Vulnerability Details CVEID: CVE-2020-14803 DESCRIPTION: An unspecified vulnerability in Java SE coul...
Security Bulletin: OpenSSL publicly disclosed vulnerabilities affect MessageGateway (CVE-2021-23841 CVE-2021-23840)
Summary MessageGateway has addressed the following vulnerabilities by updating the version of OpenSSL. Vulnerability Details CVEID: CVE-2021-23840 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly long argument, an...
Security Bulletin: A vulnerability in IBM Java Runtime affects IBM MessageGateway
Summary There is a vulnerability in IBM Runtime Environment Java Version 8.0 used by IBM MessageGateway. This issue was disclosed as part of the IBM Java SDK updates in October, 2020. Vulnerability Details CVEID: CVE-2020-14782 DESCRIPTION: An unspecified vulnerability in Java SE related to the...
Security Bulletin: OpenLDAP publicly disclosed vulnerabilities affects MessageGateway (CCVE-2020-36230, CVE-2020-36229)
Summary MessageGateway has addressed the following vulnerabilityies by updating the version of OpenLDAP. Vulnerability Details CVEID: CVE-2020-36230 DESCRIPTION: OpenLDAP is vulnerable to a denial of service, caused by an assertion failure in the X.509 DN parsing in decode.c bernextelement. By...
Security Bulletin: Multiple vulnerabilities in jQuery affect IBM WIoTP MessageGateway (CVE-2020-11023, CVE-2020-11022)
Summary There are multiple vulnerabilities in jQuery that affect IBM WIoTP MessageGateway. Vulnerability Details CVEID: CVE-2020-11023 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could...
Security Bulletin: Multiple Vulnerabilities in jQuery affect IBM WIoTP MessageGateway
Summary There are multiple vulnerabilities in jQuery that affect IBM WIoTP MessageGateway. Vulnerability Details Third Party Entry: 180875 DESCRIPTION: jQuery cross-site scripting CVSS Base score: 6.1 CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/180875 for the...
Security Bulletin: A vulnerability in jQuery affects IBM WIoTP MessageGateway (CVE-2020-7656)
Summary There is a vulnerability in jQuery that affects IBM WIoTP MessageGateway. Vulnerability Details CVEID: CVE-2020-7656 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the load method. A remote attacker could exploit this...
Security Bulletin: vulnerabilities in in IBM® Runtime Environment Java™ Version 8 affect IBM WIoTP MessageGateway (CVE-2020-2805, CVE-2020-2803, CVE-2020-2781, CVE-2020-2755, CVE-2020-2754)
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 that affect IBM WIoTP MessageGateway Vulnerability Details CVEID: CVE-2020-2805 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Libraries component could allow an unauthenticated...
Security Bulletin: OpenSSL disclosed vulnerability affects MessageGatweay (CVE-2020-1967)
Summary MessageGateway has addressed the following vulnerability by updating the level of OpenSSL. Vulnerability Details CVEID: CVE-2020-1967 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. By passing specially crafted data to the SSLcheckchain...
Security Bulletin: IBM Watson IoT MessageGateway Server is affected by a buffer overflow vulnerability (CVE-2020-4207)
Summary IBM Watson IoT MessageGateway Server is vulnerable to a buffer overflow isse that can result in denial of service and possible code execution. Vulnerability Details CVEID: CVE-2020-4207 DESCRIPTION: IBM Watson IoT Message Gateway is vulnerable to a buffer overflow, caused by improper boun...
Security Bulletin: A vulnerability in IBM WebSphere Liberty affects IBM WIoTP MessageGateway
Summary There is a vulnerability in IBM WebSphere Liberty that affects IBM WIoTP MessageGateway. Vulnerability Details CVEID: CVE-2019-4305 DESCRIPTION: IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information caused by the improper setting of a cooki...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM MessageSight
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8.0 used by IBM WIoTP MessageGateway. These issues were disclosed as part of the IBM Java SDK updates in October 2019. Vulnerability Details CVEID: CVE-2019-2945 DESCRIPTION: An unspecified vulnerability in Java ...