EUVD-2024-52843

Malicious code in bioql PyPI...

EUVD-2024-52844

Malicious code in bioql PyPI...

CVE-2024-55897

IBM PowerHA SystemMirror for i 7.4 and 7.5 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure...

Security Bulletin: IBM PowerHA SystemMirror for IBM i is vulnerable to multiple vulnerabilities in the PowerHA Web Interface [CVE-2024-55897, CVE-2024-55896]

Summary The IBM PowerHA SystemMirror for IBM i Web Interface is vulnerable to obtaining cookie values CVE-2024-55897 and hijacking the clicking action of users CVE-2024-55896 as described in the vulnerability details section. The PowerHA Web Interface allows easy management of PowerHA operations...

CVE-2024-55896

IBM PowerHA SystemMirror for i 7.4 and 7.5 contains improper restrictions when rendering content via iFrames. This vulnerability could allow an attacker to gain improper access and perform unauthorized actions on the system...

CVE-2024-55896

IBM PowerHA SystemMirror for i 7.4 and 7.5 contains improper restrictions when rendering content via iFrames. This vulnerability could allow an attacker to gain improper access and perform unauthorized actions on the system...

CVE-2024-55897

Summary: CVE-2024-55897 affects IBM PowerHA SystemMirror for IBM i versions 7.4 and 7.5. The issue is that authorization tokens and session cookies do not have the Secure attribute set, enabling cookie values to be exposed if a user visits an insecure (HTTP) link or a page with such a link, allow...

CVE-2024-55897 IBM PowerHA SystemMirror for i information disclosure

IBM PowerHA SystemMirror for i 7.4 and 7.5 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure...

CVE-2024-55897 IBM PowerHA SystemMirror for i information disclosure

IBM PowerHA SystemMirror for i 7.4 and 7.5 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure...

CVE-2024-55896

CVE-2024-55896 affects IBM PowerHA SystemMirror for IBM i, versions 7.4 and 7.5. The issue is improper restrictions when rendering content via iFrames, potentially allowing an attacker to gain improper access and perform unauthorized actions on the system. IBM’s bulletin lists fix actions: apply ...

CVE-2024-55896 IBM PowerHA SystemMirror for i clickjacking

IBM PowerHA SystemMirror for i 7.4 and 7.5 contains improper restrictions when rendering content via iFrames. This vulnerability could allow an attacker to gain improper access and perform unauthorized actions on the system...

IBM PowerHA SystemMirror 安全漏洞

IBM PowerHA SystemMirror is a high-availability cluster multiprocessor program from International Business Machines IBM. A security vulnerability exists in IBM PowerHA SystemMirror for i versions 7.4 and 7.5 that stems from the inclusion of improper restrictions when rendering content via iFrames...

IBM PowerHA SystemMirror 安全漏洞

IBM PowerHA SystemMirror is a high-availability cluster multiprocessor program from International Business Machines IBM. A security vulnerability exists in IBM PowerHA SystemMirror versions 7.4 and 7.5. An attacker exploiting this vulnerability could obtain cookie values by snooping on traffic...

PT-2024-36606 · Ibm · Ibm Powerha Systemmirror

Name of the Vulnerable Software and Affected Versions: IBM PowerHA SystemMirror for i versions 7.4 through 7.5 Description: The issue is related to improper restrictions when rendering content via iFrames, which could allow an attacker to gain improper access and perform unauthorized actions on t...

Security Bulletin: Lodash versions prior to 4.17.21 vulnerability in PowerHA System Mirror for AIX

Summary Lodash versions prior to 4.17.21 caused vulnerability in PowerHA System Mirror for AIX releases in service. Vulnerability Details CVEID: CVE-2021-23337 DESCRIPTION: Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a...

AIX 6.1 / 7.1.2 / 7.1.3 : IBM PowerHA SystemMirror CSPOC Privilege Escalation

The remote AIX host is running a version of IBM PowerHA SystemMirror that is missing a security patch. It is, therefore, affected by a privilege escalation vulnerability in the Cluster Single Point of Control CSPOC feature that occurs when adding an authenticated, remote user to the list that...

IBM PowerHA SystemMirror on AIX超级用户权限提升漏洞

No description provided by source...

IBM PowerHA SystemMirror on AIX Superuser Elevation of Privilege Vulnerability

IBM PowerHA SystemMirror is a cluster solution from IBM USA. The solution supports cluster migration, failover and disaster recovery. A superuser elevation of privilege vulnerability exists in IBM PowerHA SystemMirror on AIX versions 6.1 and 7.1, which allows an authenticated remote user to perfo...

CVE-2015-5005

CSPOC in IBM PowerHA SystemMirror on AIX 6.1 and 7.1 allows remote authenticated users to perform an "su root" action by leveraging presence on the cluster-wide password-change list...

Design/Logic Flaw

CSPOC in IBM PowerHA SystemMirror on AIX 6.1 and 7.1 allows remote authenticated users to perform an "su root" action by leveraging presence on the cluster-wide password-change list...