63 matches found
EUVD-2013-0611
Malware in sbrugna...
EUVD-2014-0882
Malware in sbrugna...
EUVD-2018-12000
Malware in sbrugna...
EUVD-2012-5639
Malware in sbrugna...
EUVD-2014-6029
Malware in sbrugna...
EUVD-2012-5642
Malware in sbrugna...
EUVD-2014-3080
Malware in sbrugna...
EUVD-2014-3081
Malware in sbrugna...
EUVD-2014-6024
Malware in sbrugna...
Security Bulletin: Ensure that DataPower services running in production environments are not configured to blindly echo requests. (CVE-2013-0499)
Abstract DataPower services like XML Firewall, Multi Protocol Gateway, Web Service Proxy and Web Token Service when configured to blindly echo requests could result in potential security vulnerability in production environments. Content VULNERABILITY DETAILS: DESCRIPTION: For the purposes of...
Security Bulletin: Potential security exposures with IBM WebSphere DataPower XC10 Appliance (CVE-2012-5758, CVE-2012-5759, CVE 2012-5756)
Abstract Several high risk vulnerabilities have been identified in the WebSphere DataPower XC10 Appliance V2.0, and V2.1 that may allow unauthorized administrator privileges. These vulnerabilities affect the WebSphere DataPower XC10 Appliance only and do not affect the related WebSphere eXtreme...
Security Bulletin: WebSphere DataPower XC10 Appliance vulnerability for administrative access to code and data (CVE-2013-5403)
Abstract A security vulnerability in the WebSphere DataPower XC10 Appliance might allow unauthenticated access to administrative operations and data. Content VULNERABILITY DETAILS: CVE-2013-5403 - A knowledgeable user can obtain access to the machine with administrative privileges without...
Security Bulletin: WebSphere DataPower XC10 Appliance vulnerabilities exist in the administrative console and session cookie at login (CVE-2014-3059 and CVE 2014-2060)
Summary In certain configurations, a security vulnerability exists in WebSphere DataPower XC10 Appliance. A WebSphere eXtreme Scale attacker could gain administrative access to the device. Vulnerability Details VULNERABILITY DETAILS: CVEID: CVE-2014-3059 In certain configurations, a security...
Security Bulletin: Vulnerabilities in the Java runtime environment that IBM provides affect WebSphere DataPower XC10 Appliance
Summary There are vulnerabilities in IBM® Runtime Environment Java™ Version 7 that affect the WebSphere DataPower XC10 Appliance. The issues were disclosed as part of the IBM SDK, Java™ Technology Edition updates in January and April 2019. Vulnerability Details CVEID: CVE-2019-2426 DESCRIPTION: A...
Security Bulletin: Vulnerabilities in the Java runtime environment that IBM provides affect WebSphere DataPower XC10 Appliance
Summary There are vulnerabilities in IBM® Runtime Environment Java™ Version 7 that affect the WebSphere DataPower XC10 Appliance. The issues were disclosed as part of the IBM SDK, Java™ Technology Edition updates in July and October 2018. Vulnerability Details CVEID: CVE-2018-2973 DESCRIPTION: An...
Security Bulletin: IBM MQ Appliance is affected by a denial of service vulnerability (CVE-2018-1652)
Summary IBM MQ Appliance has addressed a denial of service vulnerability. Vulnerability Details CVEID: CVE-2018-1652 DESCRIPTION: IBM WebSphere DataPower Appliances and IBM MQ Appliance could allow a local user to cause a denial of service through unknown vectors. CVSS Base Score: 6.2 CVSS Tempor...
Security Bulletin: WebSphere DataPower Appliances is affected by multiple issues
Summary WebSphere DataPower Appliances has addressed the following vulnerabilities: CVE-2018-1447 CVE-2018-1388 CVE-2016-0702 CVE-2016-0705 CVE-2017-3732 CVE-2017-3736 CVE-2018-1428 Vulnerability Details CVEID: CVE-2018-1447 DESCRIPTION: The GSKit CMS KDB logic fails to salt the hash function...
Security Bulletin: WebSphere DataPower Appliances is affected by a Denial of Service vulnerability (CVE-2018-0732)
Summary WebSphere DataPower Appliances has addressed the following vulnerability: CVE-2018-0732 Vulnerability Details CVEID: CVE-2018-0732 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the sending of a very large prime value to the client by a malicious server during key...
Security Bulletin: WebSphere DataPower Appliances is affected by a vulnerability in OpenSSL (CVE-2018-0737)
Summary WebSphere DataPower Appliances has addressed the following vulnerability: CVE-2018-0737 Vulnerability Details CVEID: CVE-2018-0737 DESCRIPTION: OpenSSL could allow a local attacker to obtain sensitive information, caused by a cache-timing side channel attack in the RSA Key generation...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect WebSphere DataPower XC10 Appliance
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6 and 7 that affect the WebSphere DataPower XC10 Appliance. These issues were disclosed as part of the IBM Java SDK updates in January 2018. Vulnerability Details CVEID: CVE-2018-2579 DESCRIPTION: An unspecified...