Security Bulletin: A vulnerability in Apache log4j (CVE-2021-45105) affects IBM Operations Analytics Predictive Insights

Summary There is a vulnerability in the Apache Log4j open source library used by IBM Operations Analytics Predictive Insights. Apache Log4j versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups which allows a Denial...

Security Bulletin: Security vulnerabilities in the Apache log4j library ( CVE-2021-45105 and CVE-2021-44832 ) have been identified in IBM WebSphere Application Server shipped with IBM Operations Analytics Predictive Insights

Summary Websphere Application Server WAS is shipped as a component of IBM Operations Analytics Predictive Insights. The WebSphere Application Server is vulnerable to a remote code execution RCE attack CVE-2021-44832 where an attacker with permission to modify the logging configuration file can...

Security Bulletin: Vulnerability in Apache Log4j affects WebSphere Application Server (CVE-2021-44228) bundled with Predictive Maintenance and Quality and Predictive Maintenance Insights

Summary IBM WebSphere Application Server is shipped with IBM Predictive Maintenance and Quality and Predictive Maintenance Insights On-Premises. Vulnerabilities have been identified in Apache Log4j which affect WebSphere Application Server CVE-2021-44228. The recommended solution is to manually...

Security Bulletin: IBM Operations Analytics Predictive Insights impacted by Apache Log4j vulnerabilities (CVE-2021-4104, CVE-2021-45046)

Summary IBM Operations Analytics Predictive Insights is affected by the Apache Log4j vulnerability through the WebSphere Application Server WAS component. There is a separate security bulletin linked below that describes vulnerabilities CVE-2021-4104, CVE-2021-45046 in the Apache Log4j library as...

Security Bulletin: A vulnerability in Apache log4j affects IBM Operations Analytics Predictive Insights (CVE-2021-44228)

Summary There is a vulnerability in the Apache Log4j open source library used by IBM Operations Analytics Predictive Insights. This affects the IBM Operations Analytics Predictive Insights Analytics, UI and REST Mediation components. This vulnerability has been addressed. Vulnerability Details...

Security Bulletin: A vulnerability in Apache log4j affects IBM Operations Analytics Predictive Insights (CVE-2021-45046)

Summary There is a vulnerability in the Apache Log4j open source library used by IBM Operations Analytics Predictive Insights. This affects the IBM Operations Analytics Predictive Insights Analytics, UI and REST Mediation components. This vulnerability has been addressed. Vulnerability Details...

Security Bulletin: Security vulnerabilities ( CVE-2021-36090, CVE-2021-35517 ) in Apache Commons Compress affect WebSphere Application Server Liberty Profile, shipped with IBM Operations Analytics Predictive Insights

Summary Websphere Application Server WAS Liberty Profile is shipped as a component of IBM Operations Analytics Predictive Insights. Information about Apache Commons Compress library vulnerabilities CVE-2021-36090, CVE-2021-35517 to a denial of service, caused by an out of memory error affect WAS...

PT-2021-23960 · Patrowl · Patrowl

Name of the Vulnerable Software and Affected Versions: PatrOwl versions prior to 1.77 Description: The issue is related to improper privilege management in PatrowlManager, allowing unlogged-in users to download all finding import files. The files are stored under /media/imports//, where owner id ...

Security Bulletin: A security vulnerability ( CVE-2021-29736 ) has been identified in IBM WebSphere Application Server shipped with IBM Operations Analytics Predictive Insights

Summary Websphere Application Server WAS is shipped as a component of IBM Operations Analytics Predictive Insights. Information about WebSphere Application Server vulnerability to remote users Privilege Escalation CVE-2021-29736 has been published in a security bulletin Vulnerability Details Refe...

A Planned Parenthood LA Hack Affects 400,000 Patients

Plus: A Ubiquiti hack revelation, predictive policing, and more of the week's top security news...

Oracle MySQL Enterprise Monitor (Oct 2021 CPU)

The 8.0.25 versions of MySQL Enterprise Monitor installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2021 CPU advisory. - Vulnerability in the MySQL Enterprise Monitor product of Oracle MySQL component: Monitoring: General Spring Security. Supported...

The European Parliament Voted to Ban Remote Biometric Surveillance

Its not actually banned in the EU yet -- the legislative process is much more complicated than that -- but its a step: a total ban on biometric mass surveillance. To respect "privacy and human dignity," MEPs said that EU lawmakers should pass a permanent ban on the automated recognition of...

Security Bulletin: Multiple security vulnerabilities may affect WebSphere Application Server Liberty shipped with Predictive Maintenance and Quality and Predictive Maintenance Insights On-Premises

Summary IBM WebSphere Application Server Liberty is shipped with IBM Predictive Maintenance and Quality and Predictive Maintenance Insights On-Premises. Information about some security vulnerabilities affecting WebSphere Application Server Liberty has been published in below security bulletin...

Security Bulletin: A security vulnerability ( CVE-2021-20517 ) has been identified in IBM WebSphere Application Server shipped with IBM Operations Analytics Predictive Insights

Summary Websphere Application Server WAS is shipped as a component of IBM Operations Analytics Predictive Insights. Information about WebSphere Application Server ND vulnerability to a directory traversal CVE-2021-20517 has been published in a security bulletin Vulnerability Details Refer to the...

Security Bulletin: A security vulnerability ( CVE-2021-29754 ) has been identified in IBM WebSphere Application Server shipped with IBM Operations Analytics Predictive Insights

Summary Websphere Application Server WAS is shipped as a component of IBM Operations Analytics Predictive Insights. Information about WebSphere Application Server vulnerability to a Privilege Escalation CVE-2021-29754 has been published in a security bulletin Vulnerability Details Refer to the...

Security Bulletin: A security vulnerability ( CVE-2021-20492 ) has been identified in IBM WebSphere Application Server shipped with IBM Operations Analytics Predictive Insights

Summary Websphere Application Server WAS is shipped as a component of IBM Operations Analytics Predictive Insights. Information about WebSphere Application Server vulnerability CVE-2021-20492 to an XML External Entity XXE Injection has been published in a security bulletin Vulnerability Details...

Security Bulletin: Multiple security vulnerabilities ( CVE-2012-6153, CVE-2014-3577, CVE-2011-1498, CVE-2015-5262 ) has been identified in IBM WebSphere Application Server shipped with IBM Operations Analytics Predictive Insights

Summary Websphere Application Server WAS is shipped as a component of IBM Operations Analytics Predictive Insights. Information about WebSphere Application Server vulnerabilities CVE-2012-6153, CVE-2014-3577, CVE-2011-1498, CVE-2015-5262 in the Apache Commons and Apache HttpComponents jars have...

Security Bulletin: Multiple security vulnerabilities in WebSphere Application Server affect Predictive Maintenance and Quality and Predictive Maintenance Insights

Summary IBM WebSphere Application Server is shipped with IBM Predictive Maintenance and Quality and Predictive Maintenance Insights On-Premises. Vulnerabilities have been identified in WebSphere Application Server and the information about their fixes is published in below security bulletins...

Security Bulletin: CVE-2020-14781 may affect IBM® SDK, Java™ Technology Edition shipped with Predictive Maintenance and Quality

Summary IBM® SDK, Java™ Technology Edition is shipped with IBM Predictive Maintenance and Quality. Please refer to the Security Bulletin published by IBM® SDK, Java™ Technology Edition for CVE-2020-14781. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes sectio...

Security Bulletin: Multiple security vulnerabilities may affect IBM DB2 shipped with Predictive Maintenance and Quality and Predictive Maintenance Insights On-Premises

Summary IBM DB2 is shipped with IBM Predictive Maintenance and Quality and Predictive Maintenance Insights On-Premises. Information about security vulnerabilities affecting DB2 has been published in multiple security bulletins as below. Vulnerability Details Refer to the security bulletins listed...