8 matches found
MINI-5V42-4JX4-QC75
Bulletin has no description...
Fedora: Security Advisory (FEDORA-2024-71ef04b872)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 40 : firmitas (2024-71ef04b872)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-71ef04b872 advisory. Cryptography v42 is the new thing. Please follow the steps provided here https://github.com/fedora-infra/firmitas/blob/main/README.md for testing. References...
CVE-2021-29785
IBM Security SOAR V42 and V43could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID:...
Information disclosure
IBM Security SOAR V42 and V43could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID:...
CVE-2021-29785
IBM Security SOAR V42 and V43could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID:...
CVE-2021-29785
CVE-2021-29785 affects IBM Security SOAR. The root cause is the product’s failure to properly enable HTTP Strict-Transport-Security (HSTS) headers on some endpoints, which could allow an attacker to obtain sensitive information through man-in-the-middle techniques. IBM’s security bulletin confirm...
Security Bulletin: IBM® Security SOAR is vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105 and CVE-2021-45046).
Summary Apache Log4j, a dependency of Elasticsearch as used in IBM® Security SOAR, has known vulnerabilities CVE-2021-45105, CVE-2021-45046. These are addressed by upgrading IBM Security SOAR to the latest build of v42 or latest build of v43. The fix packages include Apache Log4j 2.17...