» 2021 » 7월

IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204349.

Source: CVE-2021-29822

CVE-2021-29805

Posted on 2021년 7월 13일2021년 7월 13일 by admin

CVE-2021-29805

IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204263.

Source: CVE-2021-29805

CVE-2021-29804

Posted on 2021년 7월 13일2021년 7월 13일 by admin

CVE-2021-29804

Source: CVE-2021-29804

CVE-2021-29803

Posted on 2021년 7월 13일2021년 7월 13일 by admin

CVE-2021-29803

Source: CVE-2021-29803

CVE-2021-29794

Posted on 2021년 7월 13일2021년 7월 13일 by admin

CVE-2021-29794

IBM Tivoli Netcool/Impact 7.1.0.20 and 7.1.0.21 uses an insecure SSH server configuration which enables weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 203556.

Source: CVE-2021-29794

CVE-2021-29792

Posted on 2021년 7월 13일2021년 7월 13일 by admin

CVE-2021-29792

IBM Event Streams 10.0, 10.1, 10.2, and 10.3 could allow a user the CA private key to create their own certificates and deploy them in the cluster and gain privileges of another user. IBM X-Force ID: 203450.

Source: CVE-2021-29792

CVE-2021-36381

Posted on 2021년 7월 13일2021년 7월 13일 by admin

CVE-2021-36381

In Edifecs Transaction Management through 2021-07-12, an unauthenticated user can inject arbitrary text into a user’s browser via logon.jsp?logon_error= on the login screen of the Web application.

Source: CVE-2021-36381