Security Bulletin: An IBM QRadar SIEM ArielRESTAPI protocol is vulnerable to Improper Validation (177835)

Summary The Apache Commons Codec package contains simple encoder and decoders for various formats such as Base64 and Hexadecimal and is vulnerable to improper validation of input. Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attacker to obtai...

Security Bulletin: An IBM QRadar SIEM JDBC protocol is vulnerable to SQL injection (CVE-2024-1597)

Summary PostgreSQL JDBC Driver PgJDBC is vulnerable to SQL injection which could allow a remote attacker to send specially crafted SQL statements enabling the attacker to view, add, modify or delete information. Vulnerability Details CVEID:CVE-2024-1597 DESCRIPTION: PostgreSQL JDBC Driver PgJDBC ...

Security Bulletin: IBM QRadar SIEM protocols are vulnerable to information exposure and denial of service (CVE-2023-31582, CVE-2023-51775)

Summary The Jose4j library is vulnerable to a denial of service, caused by improper input validation. It could also allow a remote attacker to obtain sensitive information using cryptographic attacks. Vulnerability Details CVEID:CVE-2023-31582 DESCRIPTION: Jose4J could allow a remote attacker to...

Security Bulletin: An IBM QRadar SIEM SNMP protocol is vulnerable to a denial of service, SQL injection and could allow a remote attacker to execute arbitrary code on the system.

Summary Apache Log4j could allow a remote attacker to execute arbitrary code on the system. It is also vulnerable to SQL injection and could lead to a denial of service caused by a flaw when using the Chainsaw or SocketAppender components. Vulnerability Details CVEID:CVE-2022-23307 DESCRIPTION:...

Security Bulletin: Multiple security vulnerabilities in Eclipse Jetty affect IBM Security Directory Integrator

Summary The IBM Security Directory Integrator was vulnerable to multiple security vulnerabilities in the Eclipse Jetty component. This was addressed in version 10 of the IBM Security Directory Integrator. Vulnerability Details CVEID:CVE-2017-9735 DESCRIPTION: Jetty could allow a remote attacker t...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining 1.14.4 IF001

Summary The following security vulnerabilities are addressed with IBM Process Mining 1.14.4 IF001 Vulnerability Details CVEID:CVE-2024-22259 DESCRIPTION: VMware Tanzu Spring Framework could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in...

Security Bulletin: IBM DataPower Gateway vulnerable to DOS in OpenSSL (CVE-2024-0727)

Summary IBM has addressed the CVE. Vulnerability Details CVEID:CVE-2024-0727 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by improper input validation. By persuading a victim to open a specially crafted PKCS12 file, a remote attacker could exploit this vulnerability to cause...

Security Bulletin: IBM DataPower Gateway vulnerable to "Terrapin" attack in OpenSSH (CVE-2023-48795)

Summary By manipulating sequence numbers during SSH connection setup, a MITM attacker can delete negotiation messages without causing a MAC failure. To mitigate this vulnerability, IBM has removed the chacha20-poly1305 cipher and all etm HMACs from the default set of algorithms offered,...

Security Bulletin: IBM DataPower Gateway Virtual Edition affected by bypass vulnerability in Open VM Tools

Summary Exploitation of this flaw requires root access to the ESXi host. IBM has addressed the vulnerability. Vulnerability Details CVEID:CVE-2023-20867 DESCRIPTION: VMware Tools could allow a local authenticated attacker to bypass security restrictions, caused by the failure to authenticate...

Security Bulletin: IBM Rational® Application Developer for WebSphere® Software is vulnerable to a denial of service

Summary Node.js is used by IBM Rational® Application Developer for WebSphere® Software as the SDK and runtime for Apache Cordova projects. CVE-2023-6129,CVE-2024-24806, CVE-2023-5678,CVE-2024-22019,CVE-2023-46809, CVE-2024-0727, CVE-2023-6237,CVE-2024-21892 Vulnerability Details...

Security Bulletin: IBM Storage Fusion is vulnerable to denial of server, and security bypass due to Golang vulnerabilities.

Summary Golang Go and Golang packages are used by IBM Storage Fusion and thus IBM Storage Fusion may be vulnerable to the vulnerabilities listed below. CVE-2022-29526, CVE-2022-21698, CVE-2021-41190, CVE-2018-20699, CVE-2024-24786, CVE-2023-39325, CVE-2023-48795. Vulnerability Details...

Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to a denial of service attack using HTTP/2 protocol. [CVE-2023-44487]

Summary IBM HTTP Server powered by Apache used by IBM i is vulnerable to a denial of service attack due to mishandling of multiplexed streams in HTTP/2 protocol as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerability as described ...

Security Bulletin: A vulnerability exists in IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager.

Summary Java on z/OS properties files not read correctly under certain locales / codepages vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2 Vulnerability Details IBM X-Force ID: PSIRT-ADV0103951...

Security Bulletin: IBM Observability with Instana for Synthetic PoP is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were addressed in IBM Observability with Instana for Synthetic PoP build 272 Vulnerability Details CVEID:CVE-2024-29041 DESCRIPTION: Express.js Express could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to April 2024 CPU

Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVEs listed in this document might affect some configurations of IBM WebSphere Application Server traditiona...

Security Bulletin: Multiple vulnerabilities exists in IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager.

Summary Multiple vulnerabilities exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2. CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850 Vulnerability Detail...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects App Connect Professional

Summary There are multiple vulnerabilities in the IBM SDK Java Technology used by App Connect Professional. These issue were disclosed as part of the IBM Java SDK updates in January 2024, App Connect Professional has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-20952...

Security Bulletin: A vulnerability in WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2024-22354)

Summary IBM WebSphere Application Server Liberty is vulnerable to an XML External Entity XXE injection vulnerability. Vulnerability Details CVEID:CVE-2024-22354 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 are...

Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM WebSphere Application Server Liberty could provide weaker than expected security (CVE-2023-50312)

Summary IBM WebSphere Application Server Liberty could provide weaker than expected security for outbound TLS connections. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this risk, it has been addressed in this bulletin: Jazz Foundation, Global Configuration Managemen...

Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to an XML External Entity (XXE) injection vulnerability (CVE-2024-22354)

Summary IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to an XML External Entity XXE injection vulnerability. Following IBM® Engineering Lifecycle Engineering products, exposed to this vulnerability, are been addressed in this bulletin: Jazz Foundatio...

Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to a denial of service (CVE-2024-25026)

Summary IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. The following IBM®...

Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to server-side request forgery (CVE-2024-22329)

Summary IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to server-side request forgery. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addressed in this bulletin: Jazz Foundation, IBM Engineering Te...

Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to a denial of service due to jose4j (CVE-2023-51775)

Summary There is a vulnerability in the jose4j library used by IBM WebSphere Application Server traditional and used by the IBM WebSphere Application Server Liberty. The following IBM® Engineering Lifecycle Engineering products are exposed to this attack and are been addressed in this bulletin: I...

Security Bulletin: WebSphere Application Server is shipped with IBM Tivoli System Automation Application Manager is vulnerable to a denial of service. (CVE-2024-25026)

Summary WebSphere Application Server is shipped with IBM Tivoli System Automation Application Manager is vulnerable to a denial of service. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to t...

Security Bulletin: IBM Storage Fusion HCI is vulnerable to denial of service, authentication bypass, and incorrect privilege assignment due to Golang vulnerabilities.

Summary IBM Storage Fusion HCI uses Golang packages that may cause Fusion to be vulnerable to denial of service, authentication bypass, and incorrect privilege assignment. CVE-2018-20699, CVE-2023-48795, CVE-2022-21698, CVE-2021-41190, CVE-2023-39325, CVE-2022-29526, CVE-2023-45288. Vulnerability...

Security Bulletin: IBM Storage Fusion is vulnerable to directory traversal due to beego.

Summary Beego is used by IBM Storage Fusion as part of the User Interface. See Vulnerability Details below. CVE-2022-31836, CVE-2022-31259. Vulnerability Details CVEID:CVE-2022-31836 DESCRIPTION: Beego could allow a remote attacker to traverse directories on the system, caused by a flaw in the...

Security Bulletin: IBM Storage Fusion HCI is vulnerable to directory traversal due to Beego.

Summary Beego is used by IBM Storage Fusion HCI as part of the user interface. See Vulnerability Details below. CVE-2022-31836, CVE-2022-31259. Vulnerability Details CVEID:CVE-2022-31836 DESCRIPTION: Beego could allow a remote attacker to traverse directories on the system, caused by a flaw in th...

Security Bulletin: IBM Storage Fusion is vulnerable to HTTP request smuggling, denial of server due to aiohttp, cryptography.

Summary aiohttp, cryptography and Gunicorn are used by IBM Storage Fusion as part of the Backup and Restore service and may be vulnerable to the CVEs listed below. CVE-2024-1135, CVE-2024-26130, CVE-2024-23829, CVE-2024-2334, CVE-2023-49081, CVE-2023-49082. Vulnerability Details CVEID:CVE-2024-11...

Security Bulletin: IBM Storage Fusion HCI is vulnerable to HTTP request smuggling, denial of server due to aiohttp, cryptography.

Summary aiohttp, cryptography and Gunicorn are used by IBM Storage Fusion HCI as part of the Backup and Restore service and may be vulnerable to the CVEs listed below. CVE-2024-23829, CVE-2024-23334, CVE-2024-1135, CVE-2024-26130. Vulnerability Details CVEID:CVE-2024-23829 DESCRIPTION: aio-libs...

Security Bulletin: IBM Storage Fusion is vulnerable to denial of service due to Apache Commons Compress and ion-java.

Summary commons-compress and ion-java is used by IBM Storage Fusion as part of the Backup and Restore service and may be vulnerable to the CVEs listed below. CVE-2024-26308, CVE-2024-25710, CVE-2024-21634. Vulnerability Details CVEID:CVE-2024-26308 DESCRIPTION: Apache Commons Compress is vulnerab...

Security Bulletin: IBM Storage Fusion HCI is vulnerable to denial of service due to Apache Commons Compress and ion-java.

Summary commons-compress and ion-java is used by IBM Storage Fusion HCI as part of the Backup and Restore service and may be vulnerable to the CVEs listed below. CVE-2024-26308, CVE-2024-25710, CVE-2024-21634. Vulnerability Details CVEID:CVE-2024-26308 DESCRIPTION: Apache Commons Compress is...

Security Bulletin: IBM Storage Fusion is vulnerable to phishing attacks due to follow-redirects package.

Summary follow-redirects is used by IBM Storage Fusion as part of the Installer and may be vulnerable to the CVE listed below. CVE-2023-26159. Vulnerability Details CVEID:CVE-2023-26159 DESCRIPTION: follow-redirects could allow a remote attacker to conduct phishing attacks, caused by an open...

Security Bulletin: IBM Storage Fusion HCI is vulnerable to phishing attacks and cross-site request forgery due to follow-redirects and Axios.

Summary follow-redirects and Axios are used by IBM Storage Fusion HCI as part of the Installer and may be vulnerable to the CVE listed below. CVE-2023-26159, CVE-2023-45857. Vulnerability Details CVEID:CVE-2023-26159 DESCRIPTION: follow-redirects could allow a remote attacker to conduct phishing...

Security Bulletin: IBM Storage Fusion HCI is vulnerable to denial of service, cross-site scripting, and obtaining sensitive information due to Pypa, Pallets Jinja, requests, and urllib3.

Summary Python packages Pypa, Pallet Jinja, requests, and urllib3 are used by IBM Storage Fusion HCI as part of the installer and may be vulnerable to the CVEs listed below. CVE-2022-40897, CVE-2024-22195, CVE-2023-32681, CVE-2023-43804. Vulnerability Details CVEID:CVE-2022-40897 DESCRIPTION: Pyp...

Security Bulletin: IBM Storage Fusion HCI is vulnerable to elevated privileges due to OpenShift.

Summary OpenShift included with IBM Storage Fusion HCI is affected by the CVE listed below. CVE-2023-5408. Vulnerability Details CVEID:CVE-2023-5408 DESCRIPTION: OpenShift Kubernetes could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the node...

Security Bulletin: IBM Storage Fusion is vulnerable to denial of service due to Golang Go's net/http and x/net/http2.

Summary Golang Go's net/http and x/net/http2 packages are used by IBM Storage Fusion as part of the its user interface and may be affacted by the CVE listed below. CVE-2023-45288. Vulnerability Details CVEID:CVE-2023-45288 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a...

Security Bulletin: IBM Storage Fusion HCI is vulnerable to unauthorized access due to a flaw in Ceph RGW.

Summary Ceph is used by IBM Storage Fusion HCI if IBM Storage Fusion HCI is configured with the Data Foundation service. CVE-2023-43040. Vulnerability Details CVEID:CVE-2023-43040 DESCRIPTION: IBM Spectrum Fusion HCI could allow an attacker to perform unauthorized actions in RGW for Ceph due to...

Security Bulletin: Multiple Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition affects WebSphere eXtreme Scale

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Version 8 used by WebSphere eXtreme Scale. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow a remote attacker to cause high...

Security Bulletin: IBM Integration Bus for z/OS is vulnerable to a remote attack due to Apache Commons Net (CVE-2032-37533)

Summary The IBM Integration Bus for z/OS toolkit is vulnerable to a remote attack due to Apache Commons Net. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2021-37533 DESCRIPTION: Apache Commons Net could allow a remote attacker to obtain...

Security Bulletin: IBM App Connect Enterprise is vulnerable to an HTML injection attack (CVE-2024-28761)

Summary IBM App Connect Enterprise Admin API and Dashboard are vulnerable to an HTML injection attack. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-28761 DESCRIPTION: IBM App Connect Enterprise is vulnerable to HTML injection. A...

Security Bulletin: The IBM QRadar SIEM Amazon Web Services protocol is vulnerable to a denial of service (CVE-2021-22569 ,CVE-2022-3171, CVE-2022-3509)

Summary A flaw was found in protobuf-java. Google Protocol Buffer protobuf-java which allows the interleaving of com.google.protobuf.UnknownFieldSet fields. Vulnerability Details CVEID:CVE-2021-22569 DESCRIPTION: Google Protocol Buffer protobuf-java is vulnerable to a denial of service, caused by...

Security Bulletin: The IBM QRadar SIEM RabbitMQ protocol is vulnerable to a denial of service (CVE-2023-46120)

Summary The RabbitMQ Java Client is vulnerable to a denial of service, caused by no message size limit in maxBodyLength. Vulnerability Details CVEID:CVE-2023-46120 DESCRIPTION: RabbitMQ Java Client is vulnerable to a denial of service, caused by no message size limit in maxBodyLebgth. By sending ...

Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service (CVE-2024-28760)

Summary IBM App Connect Enterprise Dashboard is vulnerable to a denial of service due to improper restrictions of resource allocation. This bulletin identifies the steps to take to address the vulnerability Vulnerability Details CVEID:CVE-2024-28760 DESCRIPTION: IBM App Connect Enterprise dashboa...

Security Bulletin: User Behavior Analytics application add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM has addressed these vulnerabilities with an update. Vulnerability Details CVEID:CVE-2023-41419 DESCRIPTION: Gevent could allow a remote attacker to gain...

Security Bulletin: IBM App Connect Enterprise is vulnerable to a remote attack due to the node.js module follow-redirects and Express.js (CVE-2024-28849, CVE-2024-29041)

Summary IBM App Connect Enterprise is vulnerable to a remote attack due to node.js module follow-redirects and Express.js. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-28849 DESCRIPTION: Node.js follow-redirects module could allow...

Security Bulletin: IBM Security Guardium is affected by an IBM SDK, Java Technology Edition Quarterly CPU - Oct 2023 vulnerability (CVE-2023-22081, CVE-2023-22067, CVE-2023-5676)

Summary IBM Security Guardium has addressed these vulnerabilities with updates. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow a remote attacker to cause no confidentiality impact, no integrity impact, and...

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js.

Summary IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-21892 DESCRIPTION: Node.js could allow a local authenticated attacker to gain elevated...

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is vulnerable to a denial of service (CVE-2024-25026)

Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is vulnerable to a denial of service. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- Jazz for...

Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Business Automation Workflow Configuration Editor

Summary IBM Business Automation Workflow Configuration Editor repackages a vulnerable version of Node.js and express. Vulnerability Details CVEID:CVE-2024-27982 DESCRIPTION: Node.js is vulnerable to HTTP request smuggling, caused by the use of content length obfuscation in the http server. By...

Security Bulletin: IBM Sterling Connect:Direct Web Service is vulnerable to multiple vulnerabilities due to IBM Java

Summary IBM Sterling Connect:Direct Web Service uses IBM Java SE. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-20932 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow a remote...