Computer vulnerabilities of IBM TSA

WebSphere AS: directory traversal via Admin Console
An attacker can traverse directories via Admin Console of WebSphere AS, in order to read a file outside the service root path...
1079031, 1086399, 1086423, 1086459, 1086477, 1086483, 1106955, 1106967, 3380121, CVE-2019-4442, VIGILANCE-VUL-30280

WebSphere AS: Cross Site Scripting via Admin Console
An attacker can trigger a Cross Site Scripting via Admin Console of WebSphere AS, in order to run JavaScript code in the context of the web site...
1079031, 1086399, 1086423, 1086459, 1086477, 1086483, 1106955, 1106967, 884040, CVE-2019-4271, VIGILANCE-VUL-30236

Apache Commons Beanutils: information disclosure via BeanIntrospector
An attacker can bypass access restrictions to data via BeanIntrospector of Apache Commons Beanutils, in order to obtain sensitive information...
1115085, 1119387, 3407751, 6198380, 6369095, CERTFR-2020-AVI-179, cpujan2021, cpujul2020, CVE-2019-10086, DLA-1896-1, DSA-2019-189, FEDORA-2019-79b5790566, FEDORA-2019-bcad44b5d6, openSUSE-SU-2019:2058-1, RHSA-2019:4317-01, RHSA-2020:0057-01, RHSA-2020:0194-01, RHSA-2020:0804-01, RHSA-2020:0805-01, RHSA-2020:0806-01, RHSA-2020:0811-01, RHSA-2020:0951-01, RHSA-2020:0952-01, SUSE-SU-2019:2244-1, SUSE-SU-2019:2245-1, VIGILANCE-VUL-30143

Eclipse OpenJ9: privilege escalation via Absolute RPATH
An attacker can bypass restrictions via Absolute RPATH of Eclipse OpenJ9, in order to escalate his privileges...
1072346, 1073908, 1087227, 1101261, 1108107, 1109829, 6199287, 6199289, 967217, CVE-2019-11771, ibm10964780, SUSE-SU-2019:14160-1, SUSE-SU-2019:14188-1, SUSE-SU-2019:2291-1, SUSE-SU-2019:2336-1, SUSE-SU-2019:2371-1, VIGILANCE-VUL-30137

IBM Java: privilege escalation via Absolute RPATH
An attacker can bypass restrictions via Absolute RPATH of IBM Java, in order to escalate his privileges...
1072346, 1073908, 1087227, 1101261, 1108107, 1109829, 6199287, 6199289, 967217, CVE-2019-4473, ibm10964780, SUSE-SU-2019:14160-1, SUSE-SU-2019:14188-1, SUSE-SU-2019:2291-1, SUSE-SU-2019:2336-1, SUSE-SU-2019:2371-1, VIGILANCE-VUL-30136

Oracle Java: vulnerabilities of July 2019
Several vulnerabilities were announced in Oracle products...
1072346, 1073908, 1087227, 1170340, 6199287, 6199289, 967217, CERTFR-2019-AVI-340, cpujul2019, CVE-2019-2745, CVE-2019-2762, CVE-2019-2766, CVE-2019-2769, CVE-2019-2786, CVE-2019-2816, CVE-2019-2818, CVE-2019-2821, CVE-2019-2842, DLA-1886-1, DLA-1886-2, DSA-2019-133, DSA-2019-154, DSA-2020-198, DSA-4485-1, DSA-4486-1, FEDORA-2019-146b81efba, FEDORA-2019-3854a1727e, FEDORA-2019-56a658c60c, FEDORA-2019-5c794ec7ba, FEDORA-2019-97bb9c43b9, FEDORA-2019-a5ec38072a, FEDORA-2019-a9825cfb3d, FEDORA-2019-f27e187c76, openSUSE-SU-2019:1912-1, openSUSE-SU-2019:1916-1, PROJ-ZERO-1779, PROJ-ZERO-1780, PROJ-ZERO-1781, PROJ-ZERO-1782, RHSA-2019:1810-01, RHSA-2019:1811-01, RHSA-2019:1815-01, RHSA-2019:1816-01, RHSA-2019:1817-01, RHSA-2019:1839-01, RHSA-2019:1840-01, RHSA-2019:2494-01, RHSA-2019:2495-01, RHSA-2019:2585-01, RHSA-2019:2590-01, RHSA-2019:2592-01, SB10300, SUSE-SU-2019:14160-1, SUSE-SU-2019:14188-1, SUSE-SU-2019:2021-1, SUSE-SU-2019:2028-1, SUSE-SU-2019:2036-1, SUSE-SU-2019:2291-1, SUSE-SU-2019:2336-1, SUSE-SU-2019:2371-1, USN-4080-1, USN-4083-1, VIGILANCE-VUL-29796

Oracle Java: vulnerabilities of April 2019
Several vulnerabilities were announced in Oracle products...
CERTFR-2019-AVI-174, cpuapr2019, cpujan2021, CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698, CVE-2019-2699, DLA-1782-1, DSA-2019-117, DSA-2020-072, DSA-2020-198, DSA-4453-1, FEDORA-2019-265e0b1282, FEDORA-2019-5557661da8, FEDORA-2019-892e8e206e, FEDORA-2019-a8996fb898, FEDORA-2019-c701e6605a, FEDORA-2019-ca4ee3510d, FEDORA-2019-ec644ec323, FEDORA-2019-f2dfd17192, ibm10883126, ibm10884534, ibm10884536, ibm10884590, NTAP-20190423-0003, openSUSE-SU-2019:1327-1, openSUSE-SU-2019:1438-1, openSUSE-SU-2019:1439-1, openSUSE-SU-2019:1500-1, RHSA-2019:0774-01, RHSA-2019:0775-01, RHSA-2019:0778-01, RHSA-2019:0790-01, RHSA-2019:0791-01, RHSA-2019:1146-01, RHSA-2019:1163-01, RHSA-2019:1164-01, RHSA-2019:1165-01, RHSA-2019:1166-01, RHSA-2019:1238-01, RHSA-2019:1518-01, SB10285, SUSE-SU-2019:1052-1, SUSE-SU-2019:1211-2, SUSE-SU-2019:1219-1, SUSE-SU-2019:1308-1, SUSE-SU-2019:1308-2, SUSE-SU-2019:1345-1, SUSE-SU-2019:1392-1, SUSE-SU-2019:14059-1, SUSE-SU-2019:1644-1, USN-3975-1, VIGILANCE-VUL-29049

WebSphere AS: infinite loop via Admin Console
An attacker can trigger an infinite loop via Admin Console of WebSphere AS, in order to trigger a denial of service...
CVE-2019-4080, ibm10875692, ibm10880551, ibm10884894, VIGILANCE-VUL-28864

WebSphere AS: memory leak via Request Headers
An attacker can create a memory leak via Request Headers of WebSphere AS, in order to trigger a denial of service...
CVE-2019-4046, ibm10869570, ibm10878466, ibm10884082, ibm10884894, swg27048591, VIGILANCE-VUL-28809

WebSphere AS: privilege escalation via Spoof Connection Information
An attacker can bypass restrictions via Spoof Connection Information of WebSphere AS, in order to escalate his privileges...
CVE-2018-1902, ibm10795115, ibm10876438, ibm10877000, ibm10884082, swg27048591, VIGILANCE-VUL-28690

Our database contains other pages. You can request a free trial to read them.

Display information about IBM TSA:

https://www.ibm.com/fr-fr/marketplace/ibm-system-automation-for-z-systems