EUVD-2013-2942

Malware in sbrugna...

Security Bulletin: Multiple vulnerabilities exist in the SOAP Gateway component of IMS Enterprise Suite (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169, CVE-2013-3003)

Abstract The SOAP Gateway component of IMS™ Enterprise Suite versions 1.1, 2.1, and 2.2 is affected by multiple vulnerabilities in IBM® Java™ and could allow remote, arbitrary command execution. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0440 DESCRIPTION: An unspecified vulnerability could...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IMS™ Enterprise Suite: Connect API for Java, SOAP Gateway, and Explorer for Development (CVE-2015-0138, CVE-2015-0410, CVE-2014-6593)

Abstract There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, IBM SDK, Java Technology Edition, Version 7 Service Refresh 8 that is used the following IMS™ Enterprise Suite components: Connect API for Java, SOAP Gateway, and Explorer for Development. These issues were disclose...

Security Bulletin: Multiple vulnerabilities in Product IMS Enterprise Suite SOAP Gateway (CVE-2012-5785, CVE-2013-0483)

Abstract IMS™ Enterprise Suite SOAP Gateway V1.1, V2.1, and V2.2 security vulnerabilities in SSL connections and login processes. Content Security Bulletin: Multiple vulnerabilities exist in IMS Enterprise Suite SOAP Gateway CVE-2012-5785, CVE-2013-0483 SUMMARY: IMS™ Enterprise Suite SOAP Gateway...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IMS™ Enterprise Suite: SOAP Gateway (CVE-2015-4000)

Summary The Logjam Attack on TLSTransport Layer Security connections using the Diffie-Hellman DH key exchange protocol affects IMS™ Enterprise Suite: SOAP Gateway. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive informatio...

Security Bulletin: Multiple vulnerabilities exist in IMS Enterprise Suite SOAP Gateway (CVE-2014-4263, CVE-2014-0075)

Summary The IMS™ Enterprise Suite SOAP Gateway is affected by multiple vulnerabilities in IBM® SDK, Java™ Technology Edition July Update and Apache Tomcat. Vulnerability Details CVE ID: CVE-2014-4263 DESCRIPTION: An unspecified vulnerability related to the Security component has partial...

Security Bulletin: Vulnerability in IBM Java SDK affect IMS™ Enterprise Suite: Connect API for Java, Explorer for Development, and SOAP Gateway (CVE-2015-7575).

Summary There is vulnerability in IBM® SDK Java™ Technology Edition, 6.0.16.15 and earlier, 6.1.8.15 and earlier, 7.0.9.20 and earlier, 7.1.3.20 and earlier, 8.0.2.0 and earlier that is used by IMS™ Enterprise Suite: Connect API for Java, Explorer for Development, SOAP Gateway. This issue was...

Security Bulletin: Vulnerability in IBM Java SDK affect IMS™ Enterprise Suite: SOAP Gateway, Connect API for Java, Explorer for Development (CVE-2015-4872).

Summary There is vulnerability in IBM® SDK Java™ Technology Edition, Version 8.0.1.10 and earlier that is used by IMS™ Enterprise Suite: SOAP Gateway, Connect API for Java, Explorer for Development. This issue was disclosed as part of the IBM Java SDK updates for October 2015. Vulnerability Detai...

CVE-2013-3003

Unspecified vulnerability in SOAP Gateway in IBM IMS Enterprise Suite 1.1, 2.1, and 2.2 allows remote authenticated users to execute arbitrary commands via unknown vectors...

CVE-2013-3003

Unspecified vulnerability in SOAP Gateway in IBM IMS Enterprise Suite 1.1, 2.1, and 2.2 allows remote authenticated users to execute arbitrary commands via unknown vectors...

CVE-2013-3003

The IBM IMS Enterprise Suite SOAP Gateway (versions 1.1, 2.1, 2.2) is affected by CVE-2013-3003, among others, with a remote attacker able to execute arbitrary commands. The IBM bulletin specifies that SOAP Gateway users are authenticated via OS credentials and exploitation is constrained by the ...

CVE-2013-0483

The login component in SOAP Gateway in IBM IMS Enterprise Suite 1.1, 2.1, and 2.2 uses cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network...

Design/Logic Flaw

The login component in SOAP Gateway in IBM IMS Enterprise Suite 1.1, 2.1, and 2.2 uses cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network...

CVE-2013-0483

The login component in SOAP Gateway in IBM IMS Enterprise Suite 1.1, 2.1, and 2.2 uses cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network...

CVE-2013-0483

IBM’s Security Bulletin links CVE-2013-0483 to IMS Enterprise Suite SOAP Gateway versions 1.1, 2.1, and 2.2, where the login process could transmit credentials in cleartext, enabling exposure over the network. The affected components are the SOAP Gateway in IBM IMS Enterprise Suite for z/OS, Linu...