Security Bulletin: DoS vulnerability in Apache Commons FileUpload vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Protect Operations Center (CVE-2025-48976)

Summary IBM WebSphere Application Server Liberty is vulnerable to DoS in Apache Commons FileUpload attack which can affect IBM Spectrum Protect formerly Tivoli Storage Manager Operations Center. Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers...

CVE-2024-45068

Authentication credentials leakage vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center OVA. This issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.3-00; Hitachi Ops Center OVA: from 10.9.3-00 before 11.0.2-01...

CVE-2024-7125

Authentication Bypass vulnerability in Hitachi Ops Center Common Services.This issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.2-01...

CVE-2024-7125 Authentication Bypass Vulnerability in Hitachi Ops Center Common Services

Authentication Bypass vulnerability in Hitachi Ops Center Common Services.This issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.2-01...

CVE-2024-2493 Session Hijacking Vulnerability in Hitachi Ops Center Analyzer

Session Hijacking vulnerability in Hitachi Ops Center Analyzer.This issue affects Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.1-00...

CVE-2023-6833 Information Exposure Vulnerability in Hitachi Ops Center Administrator

Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator allows local users to gain sensitive information.This issue affects Hitachi Ops Center Administrator: before 11.0.1...

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle has fixed vulnerabilities in Enterprise Manager components. A malicious party could exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Access to sensitive data Access to system data Oracle...

Oracle Enterprise Manager Ops Center (October 2023 CPU)

The 12.4.0.0 version of Enterprise Manager Ops Center installed on the remote host is affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory. Vulnerability in the Oracle Enterprise Manager Ops Center product of Oracle Enterprise Manager component: Networking curl. The...

CVE-2023-3967 DoS Vulnerability in Hitachi Ops Center Common Services

Allocation of Resources Without Limits or Throttling vulnerability in Hitachi Ops Center Common Services on Linux allows DoS.This issue affects Hitachi Ops Center Common Services: before 10.9.3-00...

CVE-2023-3967 DoS Vulnerability in Hitachi Ops Center Common Services

Allocation of Resources Without Limits or Throttling vulnerability in Hitachi Ops Center Common Services on Linux allows DoS.This issue affects Hitachi Ops Center Common Services: before 10.9.3-00...

Oracle Enterprise Manager Ops Center (Apr 2023 CPU)

The 12.4.0.0 versions of Enterprise Manager Ops Center installed on the remote host are affected by a DoS vulnerability in XStream component as referenced in the April 2023 CPU advisory. XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to...

CVE-2020-36652 File and Directory Permissions Vulnerability in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center

Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux Hitachi Infrastructure Analytics Advisor, Analytics probe server components, Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux Hitachi O...

CVE-2022-3884

CVE-2022-3884 affects Hitachi Ops Center Analyzer (Windows) specifically the RAID Agent component. The vulnerability arises from incorrect default permissions, enabling local users to read and write certain files. Impact is described for Hitachi Ops Center Analyzer versions prior to 10.9.0-01. Th...

Oracle Enterprise Manager Ops Center UI and Other Patches (January 2022 CPU)

The 12.4.0.0 versions of Enterprise Manager Ops Center installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2022 CPU advisory. - Vulnerability in the Enterprise Manager Ops Center product of Oracle Enterprise Manager component: Networking JDBC. The...

Oracle Enterprise Manager Ops Center UCE Patches (Oct 2021 CPU)

The 12.4.0.0 versions of Enterprise Manager Ops Center installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2021 CPU advisory. - Vulnerability in the Enterprise Manager Ops Center product of Oracle Enterprise Manager component: Networking Apache HTTP...

Oracle Enterprise Manager Ops Center UCE Patches (Jan 2023 CPU)

The 12.4.0.0 versions of Enterprise Manager Ops Center installed on the remote host are affected by a vulnerability as referenced in the January 2023 CPU advisory. - Vulnerability in the Enterprise Manager Ops Center product of Oracle Enterprise Manager component: Update Provisioning Apache HTTP...

Oracle Enterprise Manager Ops Center UI and Other Patches (Oct 2022 CPU)

The 12.4.0.0 versions of Enterprise Manager Ops Center installed on the remote host is missing a security patch as documented in the October 2022 Critical Patch Update CPU. It is, therefore, affected by a vulnerability in the Networking dojo component. Easily exploitable vulnerability allows...

Oracle Enterprise Manager Ops Center UI and Other Patches (July 2021 CPU)

The 12.4.0.0 versions of Enterprise Manager Ops Center installed on the remote host are affected by a vulnerability as referenced in the July 2021 CPU advisory. - Vulnerability in the Enterprise Manager Ops Center product of Oracle Enterprise Manager Ops Center component: Signaling dojo. The...

Oracle Enterprise Manager Ops Center UI and Other Patches (Jul 2020 CPU)

The 12.4.0.0 versions of Enterprise Manager Ops Center installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2020 CPU advisory. - Vulnerability in the Enterprise Manager Ops Center product of Oracle Enterprise Manager component: Apache Log4j. The supporte...

Server side request forgery (ssrf)

Server-Side Request Forgery SSRF vulnerability in Hitachi Infrastructure Analytics Advisor on Linux Data Center Analytics, Analytics probe components, Hitachi Ops Center Analyzer on Linux Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe components allows Server Side...