Lucene search
+L

248 matches found

cnvd
cnvd
added 2023/02/09 12:0 a.m.56 views

IBM Cloud Pak for Multicloud Management Monitoring has an unspecified vulnerability (CNVD-2023-08052)

IBM Cloud Pak for Multicloud Management is an application from International Business Machines IBM, Inc. used to manage the default functionality of multi-cloud environments. a security vulnerability exists in IBM Cloud Pak for Multicloud Management Monitoring version 2.0, version 2.3. An attacke...

8.8CVSS3.7AI score0.00532EPSS
Exploits0References1
nvd
nvd
added 2023/02/08 7:15 p.m.23 views

CVE-2022-42438

IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3 allows users without admin roles access to admin functions by specifying direct URL paths. IBM X-Force ID: 238210...

8.8CVSS7.6AI score0.00532EPSS
Exploits0References2
prion
prion
added 2023/02/08 7:15 p.m.16 views

Code injection

IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3 allows users without admin roles access to admin functions by specifying direct URL paths. IBM X-Force ID: 238210...

6.5CVSS8.1AI score0.00532EPSS
Exploits0References2Affected Software1
cve
cve
added 2023/02/08 6:59 p.m.67 views

CVE-2022-42438

CVE-2022-42438 affects IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3. A root cause of the issue is an insufficient restriction of a directory path, allowing users without admin roles to access admin functions by specifying direct URL paths. Supported details from connected source...

8.8CVSS7.9AI score0.00532EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2023/02/08 6:59 p.m.24 views

CVE-2022-42438 IBM Cloud Pak for Multicloud Management Monitoring privilege escalation

IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3 allows users without admin roles access to admin functions by specifying direct URL paths. IBM X-Force ID: 238210...

7.5CVSS8.3AI score0.00532EPSS
Exploits0References2
cnnvd
cnnvd
added 2023/02/08 12:0 a.m.6 views

IBM Cloud Pak for Multicloud Management 安全漏洞

IBM Cloud Pak for Multicloud Management is an application from International Business Machines IBM, Inc. used to manage the default functionality of multi-cloud environments. a security vulnerability exists in IBM Cloud Pak for Multicloud Management Monitoring version 2.0, version 2.3. An attacke...

8.8CVSS6.5AI score0.00532EPSS
Exploits0References3
ibm
ibm
added 2023/02/01 11:35 a.m.71 views

Security Bulletin: IBM Cloud Pak for Multicloud Management is vulnerable to denial of service attacks due to snakeYAML

Summary SnakeYAML is used by some components of IBM Cloud Pak for Multicloud Management and it is vulnerable to a denial of service attacks. CVE-2022-25857, CVE-2022-38751, CVE-2022-38752, CVE-2022-38749, CVE-2022-38750 Vulnerability Details CVEID:CVE-2022-25857 DESCRIPTION: Java package...

7.5CVSS6.7AI score0.02191EPSS
Exploits3Affected Software1
ibm
ibm
added 2023/02/01 11:30 a.m.56 views

Security Bulletin: IBM Cloud Pak for Multicloud Management is vulnerable to denial of service due to protobuf-java core and lite

Summary protobuf-java is used by some components of IBM Cloud Pak for Multicloud Management and it is vulnerable to a denial of service. CVE-2022-3509, CVE-2022-3171, CVE-2022-3510 Vulnerability Details CVEID:CVE-2022-3509 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of...

7.5CVSS6.2AI score0.01048EPSS
Exploits0Affected Software1
ibm
ibm
added 2023/02/01 11:19 a.m.16 views

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring has applied security fixes for user privilege escalation

Summary IBM Cloud Pak for Multicloud Management Monitoring has patched for users without admin roles. Non-admin user should not access to admin functions by specifying direct URL paths. Vulnerability Details IBM X-Force ID: 238210 DESCRIPTION: IBM Cloud Pak for Multicloud Management Monitoring...

6.6AI score
Exploits0Affected Software1
ibm
ibm
added 2023/02/01 11:4 a.m.100 views

Security Bulletin: IBM Cloud Pak for Multicloud Management has applied security fixes for its use of Apache Commons [CVE-2022-42889 and CVE-2022-33980]

Summary IBM Cloud Pak for Multicloud Management has applied security fixes for its use of Apache Commons CVE-2022-42889 and CVE-2022-33980 Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache Commons Text could allow a remote attacker to execute arbitrary code on the system, caused by a...

9.8CVSS9.9AI score0.99931EPSS
Exploits45Affected Software1
ibm
ibm
added 2023/02/01 11:1 a.m.43 views

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to multiple security vulnerabilities due to its use of NodeJS

Summary NodeJS is used by multiple components of IBM Cloud Pak for Multicloud Management Monitoring as a runtime environment. Vulnerability Details CVEID:CVE-2022-35256 DESCRIPTION: Node.js is vulnerable to HTTP request smuggling, caused by the failure to correctly handle header fields that are n...

9.1CVSS8.1AI score0.02587EPSS
Exploits2Affected Software1
ibm
ibm
added 2023/01/31 3:21 p.m.50 views

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring has applied security fixes for its use of Golang Go (CVE-2022-24921, CVE-2022-28327, CVE-2022-24675)

Summary IBM Cloud Pak for Multicloud Management Monitoring has patched its use of Golang Go due to vulnerabilities with that runtime. Vulnerability Details CVEID:CVE-2022-24921 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by improper input validation. By using a...

7.5CVSS9.3AI score0.0995EPSS
Exploits1Affected Software1
ibm
ibm
added 2023/01/31 2:47 p.m.53 views

Security Bulletin: Multiple vulnerabilities in Mozilla Firefox affect IBM Cloud Pak for Multicloud Management Monitoring.

Summary Multiple vulnerabilities in Mozilla Firefox affect IBM Cloud Pak for Multicloud Management Monitoring. Vulnerability Details CVEID:CVE-2022-22739 DESCRIPTION: Mozilla Firefox could allow a remote attacker to bypass security restrictions, caused by missing throttling on external protocol...

10CVSS10AI score0.26709EPSS
Exploits22Affected Software1
mmpc
mmpc
added 2023/01/23 6:0 p.m.23 views

Microsoft Security innovations from 2022 to help you create a safer world today

The start of a new year is always a great time for reflection—to be grateful for all we have and the progress security teams have made as well as look ahead to how we can reshape the security landscape. I use this time to think about goals for the future, and to reflect on the highlights,...

7.1AI score
Exploits0
mssecure
mssecure
added 2023/01/23 6:0 p.m.40 views

Microsoft Security innovations from 2022 to help you create a safer world today

The start of a new year is always a great time for reflection—to be grateful for all we have and the progress security teams have made as well as look ahead to how we can reshape the security landscape. I use this time to think about goals for the future, and to reflect on the highlights,...

7.1AI score
Exploits0
ibm
ibm
added 2022/12/22 9:28 a.m.32 views

Security Bulletin: A security vulnerability in Node.js vm2 affects IBM Cloud Pak for Multicloud Management Managed Services [CVE-2021-23555] and [CVE-2021-23449]

Summary A security vulnerability in Node.js vm2 affects IBM Cloud Pak for Multicloud Management Managed Services CVE-2021-23555 and CVE-2021-23449 has been addressed in IBM Cloud Pak for Multicloud Management 2.3 Fix Pack 5. Vulnerability Details CVEID:CVE-2021-23555 DESCRIPTION: Node.js vm2 modu...

10CVSS9.9AI score0.03476EPSS
Exploits2Affected Software1
ibm
ibm
added 2022/12/22 9:27 a.m.34 views

Security Bulletin: A security vulnerability in Node.js shell-quote affects IBM Cloud Pak for Multicloud Management Managed Services [CVE-2021-42740]

Summary A security vulnerability in Node.js shell-quote affects IBM Cloud Pak for Multicloud Management Managed Services CVE-2021-42740, the fix removes Node.js shell-quote Vulnerability Details CVEID:CVE-2021-42740 DESCRIPTION: Node.js shell-quote module could allow a remote attacker to execute...

9.8CVSS9.7AI score0.0434EPSS
Exploits0Affected Software1
mmpc
mmpc
added 2022/12/13 5:0 p.m.17 views

4 things to look for in a multicloud data protection solution

What does it mean to be a multicloud organization? As the name implies, the term describes a model of cloud computing where an organization uses multiple clouds—two or more public clouds, private clouds, or a combination of public, private, and edge clouds—to distribute applications and services...

Exploits0
mssecure
mssecure
added 2022/12/13 5:0 p.m.26 views

4 things to look for in a multicloud data protection solution

What does it mean to be a multicloud organization? As the name implies, the term describes a model of cloud computing where an organization uses multiple clouds—two or more public clouds, private clouds, or a combination of public, private, and edge clouds—to distribute applications and services...

Exploits0
ibm
ibm
added 2022/10/21 5:47 p.m.42 views

Security Bulletin: A security vulnerability in GO affects IBM Cloud Pak for Multicloud Management Managed Services

Summary A security vulnerability in GO affects IBM Cloud Pak for Multicloud Management Managed Services Vulnerability Details CVEID:CVE-2021-44717 DESCRIPTION: Golang Go could allow a remote attacker to bypass security restrictions, caused by an error in the syscall.ForkExec interface. By causing...

4.8CVSS6.2AI score0.01857EPSS
Exploits0Affected Software1
Rows per page
Query Builder