Lucene search
K

26 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2021/04/30 1:20 p.m.33 views

Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to a command injection vulnerability (CVE-2021-23337)

Summary App Connect Enterprise may be vulnerable to a command injection vulnerability due to Node.js module lodash Vulnerability Details CVEID: CVE-2021-23337 DESCRIPTION: Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a...

7.2CVSS1.3AI score0.2241EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/15 1:19 p.m.24 views

Security Bulletin: App Connect Enterprise Certified Container may be vulnerable to buffer overflows, Denial of Service or HTTP request smuggling

Summary App Connect Enterprise Certified Container when running Desginer flows may be vulnerable to Denial of Service via to CVE-2020-8237, HTTP request smuggling via CVE-2020-8201 or buffer overflows via CVE-2020-8252. Vulnerability Details CVEID: CVE-2020-8237 DESCRIPTION: Node.js json-bigint...

7.8CVSS1.2AI score0.05093EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/11 5:6 p.m.40 views

Security Bulletin: App Connect Enterprise Certified Container Operator and Integration Servers are vulnerable to code injection and Denial of Service attacks

Summary App Connect Enterprise Certified Container Operator and Integration Servers are vulnerable to code injection and Denial of Service attacks due to CVE-2020-28362, CVE-2020-28366 and CVE-2020-28367 Vulnerability Details CVEID: CVE-2020-28366 DESCRIPTION: Golang Go could allow a remote...

7.5CVSS1.3AI score0.03813EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/11 3:12 p.m.32 views

Security Bulletin: App Connect Enterprise Certified Container may be vulnerable to man in the middle attack through use of OpenSSL (CVE-2019-1551)

Summary App Connect Enterprise Certified Container may be vulnerable to man in the middle attack through use of OpenSSL via CVE-2019-1551 Vulnerability Details CVEID: CVE-2019-1551 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an overflow in the x64...

5.3CVSS0.9AI score0.14298EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/10 2:36 p.m.18 views

Security Bulletin: App Connect Enterprise Certified Container Integration Servers could allow information exposure when using MQ (CVE-2020-4498)

Summary App Connect Enterprise Certified Container Integration Servers could allow a local privileged user to obtain highly sensitive information due to inclusion of data within trace files when communicating with an MQ server due to CVE-2020-4498. Vulnerability Details CVEID: CVE-2020-4498...

4.4CVSS1.2AI score0.00291EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/11/02 1:11 p.m.16 views

Security Bulletin: App Connect Enterprise Certified Container Dashboard is vulnerable to clickjacking (CVE-2020-4785)

Summary App Connect Enterprise Certified Container Dashboard is vulnerable to a clickjacking attack that may cause an information leak. Vulnerability Details CVEID: CVE-2020-4785 DESCRIPTION: IBM App Connect Enterprise Certified Container could allow a remote attacker to hijack the clicking actio...

5.4CVSS1AI score0.00665EPSS
Exploits0Affected Software1
Rows per page
Query Builder