Lucene search
+L

248 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/09/19 2:14 p.m.14 views

Security Bulletin: A security vulnerability in react-scripts affects IBM Cloud Pak for Multicloud Management Managed Services

Summary A security vulnerability in react-scripts affects IBM Cloud Pak for Multicloud Management Managed Services Vulnerability Details IBM X-Force ID: 217312 DESCRIPTION: Node.js istanbul-reports module could allow a remote attacker to obtain sensitive information, caused by a reverse tabnabbin...

6.2AI score
Exploits0Affected Software1
Microsoft Secure
Microsoft Secure
added 2022/09/07 4:0 p.m.18 views

One Microsoft manager’s entrepreneurial vision for multicloud identity and access

In July 2021, Microsoft acquired CloudKnox, a leader in cloud infrastructure entitlement management CIEM. Over the past two years, I’ve had the pleasure of getting to know the founder and chief executive officer CEO, Balaji Parimi, who is now the Partner General Manager of Permissions Management ...

6.9AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/08/18 4:0 p.m.21 views

Connect with Microsoft Security experts at the 2022 Gartner Identity & Access Management Summit

The transition to a remote and hybrid workforce happened fast during a time of uncertainty, and IT professionals rose to the challenge with ingenuity and dedication. But two years in, many IT teams are still responding with patchwork solutions to enforce identity and access management IAM across ...

7.3AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/08/02 1:0 p.m.17 views

Collaboration Drives Secure Cloud Innovation: Insights From AWS re:Inforce

This year's AWS re:Inforce conference brought together a wide range of organizations that are shaping the future of the cloud. Last week in Boston, cloud service providers CSPs, security vendors, and other leading organizations gathered to discuss how we can go about building cloud environments...

7.2AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/22 7:53 a.m.37 views

Security Bulletin: A security vulnerability in Node.js node-forge affects IBM Cloud Pak for Multicloud Management Managed Services

Summary A security vulnerability in Node.js node-forge affects IBM Cloud Pak for Multicloud Management Managed Services. Vulnerability Details CVEID:CVE-2022-24772 DESCRIPTION: Node.js node-forge module could allow a remote attacker to bypass security restrictions, caused by improper signature...

7.5CVSS7.3AI score0.01015EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/22 7:48 a.m.32 views

Security Bulletin: A security vulnerability in Node.js node-forge affects IBM Cloud Pak for Multicloud Management Managed Services

Summary A security vulnerability in Node.js node-forge affects IBM Cloud Pak for Multicloud Management Managed Services. Vulnerability Details CVEID:CVE-2022-24771 DESCRIPTION: Node.js node-forge module could allow a remote attacker to bypass security restrictions, caused by improper signature...

7.5CVSS7.3AI score0.00717EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/21 12:52 p.m.32 views

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to information disclosure due to its use of Apache Hadoop (CVE-2017-15713)

Summary Vulnerability in Apache Hadoop allows a cluster user to expose private files owned by the user running the MapReduce job history server process. The malicious user can construct a configuration file containing XML directives that reference sensitive files on the MapReduce job history serv...

6.5CVSS6.9AI score0.0221EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/21 12:45 p.m.24 views

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to information leakage due to its use of Java (CVE-2022-35550)

Summary Java is used by several components in IBM Cloud Pak for Multicloud Management Monitoring to interact with the operating system and for functional utilities. Vulnerability Details CVEID:CVE-2021-35550 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could...

7.1CVSS6AI score0.06868EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/21 12:43 p.m.13 views

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to a denial server due to its use of Google's Gson

Summary GSON is used by several components in IBM Cloud Pak for Multicloud Management Monitoring to serialize/deserialize data. Vulnerability Details IBM X-Force ID: 217225 DESCRIPTION: Google Gson is vulnerable to a denial of service, caused by the deserialization of untrusted data. By using the...

6.9AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/21 12:39 p.m.13 views

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to a DoS attack due to its use of Apache Parquet (CVE-2021-41561)

Summary Apache Parquet is used by its spark component in IBM Cloud Pak for Multicloud Management Monitoring in support of the predictive insights function. This vulnerability is limited to a malicous insider with access to the spark component. Vulnerability Details CVEID:CVE-2021-41561 DESCRIPTIO...

7.5CVSS7.3AI score0.03052EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/21 12:37 p.m.46 views

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring is potentially vulnerable to execution of arbitrary code due to its use of Apache Log4j (CVE-2022-23305)

Summary Apache Log4j is used by IBM Cloud Pak for Multicloud Management Monitoring as part of its logging infrastructure. Apache Log4j v1.2 has been removed and replaced by Log4j v2.17.1. Components that use Apache Log4j v1.2 are not exposed outside the cluster and are not configured to use the...

9.8CVSS9.4AI score0.66537EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/21 12:35 p.m.52 views

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring has multiple vulnerabilities associated with the Go runtime (CVE-2021-29923, CVE-2021-31525, CVE-2021-33194, CVE-2021-33195, CVE-2021-33196, CVE-2021-33197, CVE-2021-33198)

Summary The Go runtime is used by several components in IBM Cloud Pak for Multicloud Management Monitoring to interact with the operating system and provide utility functions. Vulnerability Details CVEID:CVE-2021-34558 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by the...

9.1CVSS8.5AI score0.07293EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/21 12:29 p.m.43 views

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring is potentially vulnerable to execution of arbitrary code due to its use of Apache Log4j (CVE-2022-23302)

Summary Apache Log4j is used by IBM Cloud Pak for Multicloud Management Monitoring as part of its logging infrastructure. Apache Log4j v1.2 has been removed and replaced by Log4j v2.17.1. Components that use Apache Log4j v1.2 are not exposed outside the cluster and are not configured to use the...

8.8CVSS9.1AI score0.61785EPSS
Exploits0Affected Software1
Microsoft Secure
Microsoft Secure
added 2022/07/20 4:0 p.m.30 views

How Microsoft Purview and Priva support the partner ecosystem

Today, many enterprise organizations are multicloud and multiplatform. Critical enterprise data is located across clouds and platforms, requiring security and compliance no matter where it lives. To solve the complexity that comes with these environments, organizations have invested in multiple...

0.9AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/07/19 3:0 p.m.12 views

How Microsoft Security partners are helping customers do more with less

There has never been a greater demand for specialized cybersecurity expertise—or a greater opportunity for our partners to support our customers with new services and solutions. Over the last year, the permanent shift to hybrid work has empowered businesses to be remote and mobile. Increased...

7.2AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/07/19 3:0 p.m.24 views

How Microsoft Security partners are helping customers do more with less

There has never been a greater demand for specialized cybersecurity expertise—or a greater opportunity for our partners to support our customers with new services and solutions. Over the last year, the permanent shift to hybrid work has empowered businesses to be remote and mobile. Increased...

7.2AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/15 3:54 p.m.49 views

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to multiple vulnerabilities due to its use of IBM JAVA (CVE-2021-35560, CVE-2021-35578, CVE-2021-35565, CVE-2021-35603)

Summary IBM Java is the runtime environment used by several components in IBM Cloud Pak for Multicloud Management Monitoring and contains several security vulnerabilities. Vulnerability Details CVEID: CVE-2021-35560 DESCRIPTION: An unspecified vulnerability in Java SE related to the Deployment...

7.5CVSS1.9AI score0.06886EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/15 3:51 p.m.35 views

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to a denial server due to its use of Apache Xerces2 (CVE-2022-23437)

Summary Apache Xerces2 is used by several components in IBM Cloud Pak for Multicloud Management Monitoring to process internal configuration files. This vulnerability is limited to a malicious insider who can find and manipulate these files. Vulnerability Details CVEID: CVE-2022-23437 DESCRIPTION...

7.1CVSS0.7AI score0.0444EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/15 3:47 p.m.41 views

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to multiple security vulnerabilities due to its use of NodeJS (CVE-2021-22918, CVE-2021-22960, CVE-2021-22959)

Summary NodeJS is used by multiple components of IBM Cloud Pak for Multicloud Management Monitoring as a runtime environment. Vulnerability Details CVEID: CVE-2021-22959 DESCRIPTION: Node.js is vulnerable to HTTP request smuggling, caused by an error related to a space in headers. A remote attack...

6.5CVSS0.9AI score0.23132EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/13 12:7 p.m.58 views

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring is potentially vulnerable to execution of arbitrary code due to its use of Apache Log4j (CVE-2021-4104)

Summary Apache Log4j is used by IBM Cloud Pak for Multicloud Management Monitoring as part of its logging infrastructure. Apache Log4j v1.2 has been removed and replaced by Log4j v2.17.1. Components that use Apache Log4j v1.2 are not exposed outside the cluster and are not configured to use the...

7.5CVSS1.6AI score0.81147EPSS
Exploits9Affected Software1
Rows per page
Query Builder