Security Bulletin: IBM Workload Scheduler potentially vulnerable to cross site scripting

Summary Dynamic Workload Console for IBM Workload Scheduler is potentially affected by cross site vulnerability: after loginit is possible to modify one of the outgoing requests in this loading process and obtain a response that generates an alert in the browser, using both HTTP methods, GET and...

Security Bulletin: Multiple vulnerabilities in GSKit affect IBM Workload Scheduler

Summary GSKit is used by IBM Workload Manager and is vulnerable to some OpenSSL vulnerabilities. IBM Workload Manager has addressed the applicable CVEs using an updated version of GSKit libraries. Vulnerability Details CVEID: CVE-2016-0705 DESCRIPTION: OpenSSL is vulnerable to a denial of service...

Security Bulletin: Multiple vulnerabilities in WebSphere application server affect IBM Workload Scheduler

Summary There are multiple vulnerabilities in IBM WebSphere application server that may potentially affect IBM Workload Scheduler. Vulnerability Details CVEID: CVE-2018-1621 DESCRIPTION: IBM WebSphere Application Server could allow a local attacker to obtain clear text password in a trace file...

Security Bulletin: Multiple Vulnerabilities in Ubuntu affect IBM Workload Scheduler 9.5

Summary Vulnerabilities CVE-2019-11484, CVE-2019-11485, CVE-2019-11483, CVE-2019-11482 have been found in Ubuntu and potentially affect container images of IBM Workload Scheduler 9.5 Vulnerability Details CVEID: CVE-2019-11484 DESCRIPTION: Ubuntu whoopsie package could allow a local authenticated...

Security Bulletin: There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7, Version 8, that is used by IBM Workload Scheduler. These issues were disclosed as part of the IBM Java SDK updates in October 2018 and January 2019.

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7, Version 8, that is used by IBM Workload Scheduler. These issues were disclosed as part of the IBM Java SDK updates in October 2018 and January 2019. Vulnerability Details CVEID: CVE-2018-3180 DESCRIPTION: ...

Security Bulletin: There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7, Version 8, that is used by IBM Workload Scheduler.

Summary here are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7, Version 8, that is used by IBM Workload Scheduler. These issues were disclosed as part of the IBM Java SDK updates in January 2020. Vulnerability Details CVEID: CVE-2020-2593 DESCRIPTION: An unspecified...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Workload Scheduler

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Workload Scheduler. IBM Workload Scheduler has addressed the applicable CVEs Vulnerability Details CVEID: CVE-2019-1547 DESCRIPTION: OpenSSL could allow a local authenticated attacker to obtain sensitive...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Workload Scheduler

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Workload Manager. IBM Workload Manager has addressed the applicable CVEs Vulnerability Details CVEID: CVE-2018-0739 DESCRIPTION: OpenSSL is vulnerable to a denial of service. By sending specially crafted...

CVE-2020-4380

IBM Workload Scheduler 9.3.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 179160...

CVE-2020-4380

IBM Workload Scheduler 9.3.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 179160...

Cross site scripting

IBM Workload Scheduler 9.3.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 179160...

CVE-2020-4380

IBM Workload Scheduler 9.3.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 179160...

CVE-2020-4380

CVE-2020-4380 affects IBM Workload Scheduler (Dynamic Workload Console) 9.3.0.4 and earlier. The issue is a cross-site scripting (XSS) vulnerability in the Web UI that can cause arbitrary JavaScript execution within a trusted session, potentially enabling credential disclosure. IBM’s bulletin not...

IBM Workload Scheduler Cross-Site Scripting Vulnerability

IBM Workload Scheduler is a suite of enterprise task scheduling software from IBM in the United States. The software automates the control of workloads. A cross-site scripting vulnerability exists in IBM Workload Scheduler 9.3.0.4 and earlier versions. An attacker can exploit this vulnerability t...

Bringing Intrinsic Security to Containers: VMware Acquires Octarine

UPDATE: On May 27, 2020 VMware officially closed its acquisition of Octarine. The blog post below has been amended to reflect that announcement. Today is a very exciting day for VMware and for our customers as we announce our acquisition of Octarine, whose innovative security platform for...

[SECURITY] Fedora 32 Update: condor-8.8.8-1.fc32

HTCondor is a workload management system for high-throughput and high-performance jobs. Like other full-featured batch systems, HTCondor provides a job queuing mechanism, scheduling policy, priority scheme, resource monitoring, and resource management. Users submit their serial or parallel jobs t...

Fedora: Security Advisory for condor (FEDORA-2020-ae934f6790)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 31 Update: condor-8.8.8-1.fc31

HTCondor is a workload management system for high-throughput and high-performance jobs. Like other full-featured batch systems, HTCondor provides a job queuing mechanism, scheduling policy, priority scheme, resource monitoring, and resource management. Users submit their serial or parallel jobs t...

[SECURITY] Fedora 30 Update: condor-8.8.8-1.fc30

HTCondor is a workload management system for high-throughput and high-performance jobs. Like other full-featured batch systems, HTCondor provides a job queuing mechanism, scheduling policy, priority scheme, resource monitoring, and resource management. Users submit their serial or parallel jobs t...

CVE-2020-10944

HashiCorp Nomad and Nomad Enterprise up to 0.10.4 contained a cross-site scripting vulnerability such that files from a malicious workload could cause arbitrary JavaScript to execute in the web UI. Fixed in 0.10.5...