CVE-2020-4821

IBM InfoSphere Data Replication 11.4 and IBM InfoSphere Change Data Capture for z/OS 10.2.1, under certain configurations, could allow a user to bypass authentication mechanisms using an empty password string. IBM X-Force ID: 189834...

CVE-2020-4821

This CVE-2020-4821 affects IBM InfoSphere Data Replication 11.4 and IBM InfoSphere Change Data Capture for z/OS 10.2.1. The vulnerability allows authentication bypass when configured to use LDAP with anonymous binding, via an empty password. IBM bulletins (Security Bulletin: IBM Data Replication ...

Security Bulletin: IBM Data Replication Affected by Vulnerabilities in IBM Java SDK (CVE-2020-2654)

Summary This bulletin covers common Java SDK vulnerability findings in the IBM Java SDK packaged with this offering. Vulnerability Details CVEID: CVE-2020-2654 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Libraries component could allow an unauthenticated attacker t...

Security Bulletin: IBM Data Replication Support Tool Information Collection on Sybase Platform

Summary This bulletin covers an incorrect behaviour of the Support Information tool running against Sybase databases where the tool may capture database credential information in support traces. Vulnerability Details Third Party Entry: PSIRT-ADV0024332 DESCRIPTION: Created from Advisory: ADV00243...

Security Bulletin: IBM Data Replication Management Console Authentication Affected by Annonymous Binding (CVE-2020-4821)

Summary This bulletin covers a vulnerability found in the Management Console client under which authentication may be by-passed if configured to authenticate against LDAP directories allowing anonymous binding. Vulnerability Details CVEID: CVE-2020-4821 DESCRIPTION: IBM Cognos Controller, under...

Security Bulletin: IBM Data Replication Management Console Authentication By-pass against LDAP directories using anonymous binding

Summary This bulletin covers a vulnerability found in the Management Console client under which authentication may be by-passed if configured to authenticate against LDAP directories allowing anonymous binding. Vulnerability Details CVEID: CVE-2020-4821 DESCRIPTION: IBM Cognos Controller, under...

Security Bulletin: IBM Data Replication Affected by IBM Java SDK Vulnerability (CVE-2019-4732)

Summary This bulletin covers common Java SDK vulnerability findings in the IBM Java SDK packaged with this offering. Vulnerability Details CVEID: CVE-2019-4732 DESCRIPTION: IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0...

Security Bulletin: IBM Data Replication Affected by Multiple Vulnerabilities in IBM Java SDK

Summary This bulletin covers common Java SDK vulnerability findings in the IBM Java SDK packaged with this offering. Vulnerability Details CVEID: CVE-2019-11771 DESCRIPTION: Eclipse OpenJ9 could allow a local attacker to gain elevated privileges on the system, caused by the inclusion of unused...

Security Bulletin: IBM Data Replication Affected by Multiple Vulnerabilities in IBM Java SDK

Summary Java SDK vulnerability findings in the IBM Java SDK packaged with this offering are addressed Vulnerability Details CVEID: CVE-2018-1890 DESCRIPTION: IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege...

Advisory ROSA-SA-2021-1914

Software: mariadb 5.5.68 OS: Cobalt 7.9 CVE-ID: CVE-2016-3492 CVE-Crit: MEDIUM CVE-DESC: An unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors associated with Server:...

389-ds:1.4 security and bug fix update

1.4.3.16-16 - Bump version to 1.4.3.16-16 - Resolves: Bug 1972738 - Changelog cache can upload updates from a wrong starting point CSN - Resolves: Bug 1972721 - Large updates can reset the CLcache to the beginning of the changelog 1.4.3.16-15 - Bump version to 1.4.3.16-15 - Resolves: Bug 1970791 ...

CVE-2021-35971

Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during Microsoft .NET remoting...

CVE-2021-35971

Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during Microsoft .NET remoting...

CVE-2021-35971

CVE-2021-35971 affects Veeam Backup & Replication, specifically versions before 10.0.1.4854 and before 11.0.0.837, where deserialization during Microsoft .NET remoting could be mishandled. The issue is fixed via backported Microsoft .NET remoting deserialization changes: in 11.x with patch P20210...

Veeam Backup&Replication 代码问题漏洞

Veeam Backup&Replication is a suite of data protection software from the Swiss company Veeam. The software provides backup, replication and recovery for VMware and Hyper-V VMs, physical and cloud environments. A security vulnerability exists in Veeam Backup&Replication 10 versions prior to...

Moderate: Red Hat Security Advisory: 389-ds:1.4 security and bug fix update

An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RLSA-2021:2595 Moderate: 389-ds:1.4 security and bug fix update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: syncrepl NULL pointer dereference in synccreatestatecontrol...

389-ds:1.4 security and bug fix update

An update is available for 389-ds-base. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The ba...

Moderate: 389-ds:1.4 security and bug fix update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: syncrepl NULL pointer dereference in synccreatestatecontrol...

Fedora: Security Advisory for redis (FEDORA-2021-0ad4bec5b1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...