Business

News

 
More...

Alerts

 
More...

Events

 
More...
 
     
 

IBM SmartCloud Analytics-Multiple vulnerabilities

 

Systems Affected


  • Red Hat Enterprise Linux Server 5
  • Red Hat Enterprise Linux WS/Desktop 5
  • Red Hat Enterprise Linux Server 6
  • Red Hat Enterprise Linux WS/Desktop 6

Threat Level

Overview


IBM SmartCloud Analytics - Log Analysis bundles ITM component (ax IBM Tivoli Monitoring Shared Libraries, version 6.2.2 FP9). Five vulnerabilities have been discovered in this ITM Component.


Description


Tivoli Monitoring internal web server can be driven by a commonly available command (wget) to forward an http request to another server via this affected component without being recorded.


Impact


  • Cross-site Scripting -- Remote with User Interaction
  • Denial of Service -- Remote with User Interaction
  • Provide Misleading Information -- Remote with User Interaction


Solution/ Workarounds


Patch/Upgrade


References


http://www-01.ibm.com/support/docview.wss?uid=swg21651226


Disclaimer


The information provided herein is on "as is" basis, without warranty of any kind.


 
     

© Copyright Sri Lanka CERT|CC. All Rights Reserved.