Lucene search
K

66 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2019/04/05 11:50 a.m.49 views

Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Worklight and IBM MobileFirst Platform Foundation

Summary OpenSSL vulnerabilities were disclosed on 30 October 2018 and later by the OpenSSL Project. OpenSSL is used by IBM Worklight and IBM MobileFirst Platform Foundation. IBM Worklight and IBM MobileFirst Platform Foundation have addressed the applicable CVEs. Vulnerability Details CVE-ID:...

5.9CVSS0.6AI score0.17139EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/16 9:5 a.m.24 views

Security Bulletin: WAS traditional and liberty vulnerable to CVE-2014-7810

Summary IBM Worklight has addressed the following vulnerability. WAS traditional and liberty vulnerable to CVE-2014-7810 Vulnerability Details CVEID: CVE-2014-7810 DESCRIPTION: Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by the use of expression language. A...

5CVSS0.5AI score0.13872EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/10/12 6:0 p.m.71 views

Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Worklight and IBM MobileFirst Platform Foundation

Summary OpenSSL vulnerabilities were disclosed on APR 16, 2018 onward by the OpenSSL Project. OpenSSL is used by IBM Worklight and IBM MobileFirst Platform Foundation. IBM Worklight and IBM MobileFirst Platform Foundation have addressed the applicable CVEs. Vulnerability Details CVEID:...

7.5CVSS0.6AI score0.49268EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:33 p.m.85 views

Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Worklight and IBM MobileFirst Platform Foundation

Summary OpenSSL vulnerabilities were disclosed on Nov 02, 2017 onward by the OpenSSL Project. OpenSSL is used by IBM Worklight and IBM MobileFirst Platform Foundation. IBM Worklight and IBM MobileFirst Platform Foundation have addressed the applicable CVEs. Vulnerability Details CVEID:...

6.5CVSS7AI score0.83645EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:33 p.m.16 views

Security Bulletin: Open Source Apache Cordova Android Vulnerabilities affect IBM Worklight and IBM MobileFirst Platform Foundation

Summary Apache Cordova is an open source framework for mobile development. The Cordova framework is used in all Mobile environments in IBM Workligh and IBM MobileFirst Platform Foundation but this particluar Open Source Apache Cordova vulnerability is affected only for Android platform. Affected...

7.5CVSS0.9AI score0.03825EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:33 p.m.73 views

Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Worklight and IBM MobileFirst Platform Foundation

Summary OpenSSL vulnerabilities were disclosed on Dec 16, 2016 by the OpenSSL Project. OpenSSL is used by IBM Worklight and IBM MobileFirst Platform Foundation. IBM Worklight and IBM MobileFirst Platform Foundation have addressed the applicable CVEs. Vulnerability Details CVEID:...

7.5CVSS1.4AI score0.57595EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:33 p.m.35 views

Security Bulletin: Reflected XSS in IBM Worklight OAuth Server Web Api

Summary A Reflected Cross Site Scripting XSS vulnerability exists in the authorization function exposed by RESTful Web Api of IBM Worklight Framework. The vulnerable parameter is "scope", if you set as value a "realm"; not defined in authenticationConfig.xml you get an HTTP 403 Forbidden response...

6.1CVSS0.3AI score0.00779EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:33 p.m.22 views

Security Bulletin: Multiple Vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Worklight and IBM MobileFirst Platform Foundation

Summary IBM WebSphere Application Server Liberty vulnerabilities have been disclosed by IBM WebSphere Application Server Liberty . IBM WebSphere Application Server Liberty is used by IBM Worklight and IBM MobileFirst Platform Foundation. IBM Worklight and IBM MobileFirst Platform Foundation have...

6.8CVSS1AI score0.39584EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:32 p.m.39 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Worklight and IBM MobileFirst Platform Foundation (CVE-2015-3194, CVE-2015-3195, CVE-2015-3196)

Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM Worklight and IBM MobileFirst Platform Foundation. IBM Worklight and IBM MobileFirst Platform Foundation has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3194...

7.5CVSS0.6AI score0.44016EPSS
Exploits1Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:32 p.m.35 views

Security Bulletin: Vulnerability in Apache Commons affects IBM Worklight and IBM MobileFirst Platform Foundation (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Worklight and IBM MobileFirst Platform Foundation. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrar...

10CVSS2.9AI score0.97655EPSS
Exploits10Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:32 p.m.32 views

Security Bulletin: Vulnerability in SSLv3 affects WorkLight Quality Assurance (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in Worklight Quality Assurance WQA Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like...

4.3CVSS4AI score0.99999EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:32 p.m.47 views

Security Bulletin: Vulnerabilities in Bash affect IBM Worklight Quality Assurance (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)

Summary Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and two memory corruption vulnerabilities affecting IBM Worklight Quality Assurance WQA. Vulnerability Details | Subscribe to My...

10CVSS1.4AI score0.99999EPSS
Exploits158Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:31 p.m.15 views

Security Bulletin: Vulnerability in Apache Cordova affects IBM Worklight, IBM Mobile Foundation and IBM MobileFirst Platform Foundation (CVE-2015-5204)

Summary Apache Cordova File Transfer Plugin for Android is vulnerable to HTTP header injection, caused by improper validation of input. By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to inject arbitrary HTTP headers, which will all...

4.3CVSS1.2AI score0.0343EPSS
Exploits0Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:31 p.m.22 views

Security Bulletin: Vulnerability in Apache Cordova affects IBM Worklight and IBM MobileFirst Platform Foundation (CVE-2015-1835)

Summary An Apache Cordova vulnerability was disclosed May 26, 2015. Apache Cordova is used by IBM Worklight and IBM MobileFirst Platform Foundation. Android applications built with the Cordova framework might allow a remote attacker to cause arbitrary commands to be executed in the application. I...

5.3CVSS1.5AI score0.05911EPSS
Exploits1Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:31 p.m.17 views

Security Bulletin: Vulnerabilities in Dojo Toolkit affect IBM Worklight and IBM MobileFirst Platform Foundation (CVE-2014-8917)

Summary There are cross-site scripting vulnerabilities in the Dojo Toolkit that is used by IBM Worklight and IBM MobileFirst Platform Foundation. Vulnerability Details CVEID: CVE-2014-8917 DESCRIPTION: IBM Dojo Toolkit is vulnerable to cross-site scripting, caused by improper validation of...

4.3CVSS1.1AI score0.0206EPSS
Exploits0Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:31 p.m.30 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Worklight and IBM MobileFirst Platform Foundation (CVE-2014-3570, CVE-2014-3572, CVE-2015-0204)

Summary OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. This includes the vulnerability that has been referred to as “FREAK”. OpenSSL is used by IBM Worklight and IBM MobileFirst Platform Foundation when the optional FIPS 140-2 data-in-motion feature is enabled o...

5CVSS1AI score0.98685EPSS
Exploits0Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:31 p.m.32 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Worklight (CVE-2014-3509, CVE-2014-5139)

Summary There are multiple vulnerabilities in OpenSSL that is used by the optional FIPS 140-2 data-in-motion feature in IBM Worklight. These issues were disclosed on August 6, 2014 by the OpenSSL Project. Vulnerability Details CVE-ID: CVE-2014-3509 DESCRIPTION: OpenSSL is vulnerable to a denial o...

6.8CVSS1.3AI score0.19997EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:31 p.m.14 views

Security Bulletin: Vulnerability in SSLv3 affects IBM Worklight (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM Worklight. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain sensitive information,...

4.3CVSS0.7AI score0.99999EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:31 p.m.25 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Worklight (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)

Summary OpenSSL vulnerabilities along with SSL 3 Fallback protection TLSFALLBACKSCSV were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by the optional FIPS 140-2 data-in-motion feature in IBM Worklight. IBM Worklight has addressed the applicable CVEs and included the SSL...

7.1CVSS0.8AI score0.37072EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:31 p.m.19 views

Security Bulletin: IBM Worklight and IBM Mobile Foundation application authenticity bypass (CVE-2014-0888)

Summary IBM Worklight and IBM Mobile Foundation application authenticity verification can be bypassed under certain conditions. Vulnerability Details CVEID: CVE-2014-0888 DESCRIPTION: The application authenticity feature in IBM Worklight and IBM Mobile Foundation enables the Worklight server to...

4.9CVSS1.4AI score0.00961EPSS
Exploits0Affected Software1
Rows per page
Query Builder