IBM Support

Log Analysis Security Bulletin List

Question & Answer


Question

Is there a list of security bulletins that describe resolved vulnerabilities affecting Log Analysis?

Answer

Log Analysis is made up of several components. The following table contains security bulletins that address the vulnerability of various
components in Log Analysis, listed by release.
Version CVE No. Component Vulnerability Description
1.3.8 Internal Vulnerability Log Analysis A user's session is not properly invalidated at both client-side and server-side after user logout, application automatically log a user out when exceed certain amount of time and user closes the browser without log out. This is fixed in 1.3.8. 
1.3.8 Internal Vulnerability Log Analysis In Log Analysis, the CSRFToken is not tied to the respective user session and hence old CSRFTokens when combined with new session is resulting in a successful request. This is fixed in 1.3.8.
1.3.8 Internal Vulnerability Log Analysis All the communication data will be sent in clear text over the network using HTTP requests. Any user in a same network can sniff these data and get sensitive information like authentication credentials, session details, or personal data. This is fixed in 1.3.8.  
1.3.8 CVE-2022-48285 Apache Ant Security Bulletin: Potential Directory Traversal Vulnerability in Apache Ant shipped with IBM Operations Analytics - Log Analysis (CVE-2022-48285)   
1.3.8 CVE-2022-24823 Apache Solr
Apache Zookeeper		 Security Bulletin: Potential Vulnerability in Apache Solr and Apache Zookeeper shipped with IBM Operations Analytics - Log Analysis (CVE-2022-24823)  
1.3.8 CVE-2021-33813 Apache Solr Security Bulletin: Potential denial of service vulnerability in Apache Solr affect IBM Operations Analytics - Log Analysis (CVE-2021-33813)   
1.3.8 CVE-2018-18928 Apache Solr Security Bulletin: Vulnerability in Apache Solr affect IBM Operations Analytics - Log Analysis (CVE-2018-18928)   
1.3.8 CVE-2022-29181
CVE-2022-23476		 Logstash Security Bulletin: Vulnerabilities in Logstash affect IBM Operations Analytics - Log Analysis (CVE-2022-29181, CVE-2022-23476)   
1.3.8 CVE-2020-11023
CVE-2020-23064
CVE-2020-11022		 Apache Ant Security Bulletin: Vulnerabilities in Apache Ant affect IBM Operations Analytics - Log Analysis (CVE-2020-11023, CVE-2020-23064, CVE-2020-11022)   
1.3.8 CVE-2019-20444
CVE-2021-37136
CVE-2020-7238
CVE-2021-37137
CVE-2022-24823
CVE-2019-9518
CVE-2021-43797
CVE-2021-21295
CVE-2021-21290
CVE-2019-16869
CVE-2020-11612
CVE-2021-21409
CVE-2019-20445		 Apache Solr
Apache Zookeeper
Logstash		 Security Bulletin: Multiple vulnerabilities in Netty affect Apache Solr, Apache Zookeeper and Logstash shipped with IBM Operations Analytics - Log Analysis   
1.3.8 WS-2020-0408 Apache Solr Security Bulletin: Netty vulnerability in Apache Solr affect IBM Operations Analytics - Log Analysis  
1.3.8 CVE-2024-22201
CVE-2023-51775		 Apache Solr Security Bulletin: Multiple vulnerabilities affect Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2024-22201, CVE-2023-51775)   
1.3.8 CVE-2024-29131
CVE-2024-29133		 Apache Solr Security Bulletin: Apache Commons Configuration vulnerability has been identified in Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2024-29131,CVE-2024-29133)   
1.3.8 CVE-2024-23081
CVE-2024-23082		 Apache Solr Security Bulletin: ThreeTen Backport vulnerability has been identified in Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2024-23081,CVE-2024-23082)     
1.3.8 CVE-2023-33202
CVE-2024-21742
CVE-2024-29857
CVE-2024-30172
CVE-2024-34447		 Apache Solr
Logstash		 Security Bulletin: Apache James and Bouncy Castle vulnerabilities in Apache Solr and Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2023-33202,CVE-2024-21742,CVE-2024-29857,CVE-2024-30172,CVE-2024-34447)   
1.3.7.2 IF001A
CVE-2021-36373  CVE-2020-11979  CVE-2021-36374  CVE-2012-2098
CVE-2020-1945
 Apache Solr Security Bulletin: Multiple vulnerabilities affect Apache Ant shipped with IBM Operations Analytics - Log Analysis    
1.3.7.2 IF001A CVE-2022-39135 Apache Solr Security Bulletin: Vulnerability from Apache Calcite affect IBM Operations Analytics - Log Analysis (CVE-2022-39135)   
1.3.7.2 IF003A
CVE-2022-38750 CVE-2022-38751  CVE-2022-38752 CVE-2022-38749 CVE-2022-1471
CVE-2022-41854 
CVE-2022-25857
 Logstash Security Bulletin: Multiple Vulnerabilities related to SnakeYAML in Logstash shipped with IBM Operations Analytics - Log Analysis     
1.3.7.2 IF001A
CVE-2022-3171
CVE-2022-3509
CVE-2022-3510
 Apache Solr
1.3.7.2 IF001A**
1.3.7.2 IF002
1.3.7.2 IF003A**		 CVE-2019-16943 
CVE-2019-14892 
CVE-2019-10202 
CVE-2020-9548 
CVE-2020-11113 
* more CVE in Bulletin		 Apache Solr
Apache Zookeeper
Logstash		 Security Bulletin: Multiple vulnerabilities in Data-Binding for Jackson shipped with IBM Operations Analytics - Log Analysis  * 
1.3.7.2 IF001A**  CVE-2022-25647 Apache Solr
Log Analysis		 Security Bulletin: Vulnerability from Google Gson affect IBM Operations Analytics - Log Analysis (CVE-2022-25647)     
1.3.7.2 IF001A**
1.3.7.2 IF002		 CVE-2022-2047 Apache Solr
Apache Zookeeper		 Security Bulletin: Potential vulnerability in Eclipse Jetty affects IBM Operations Analytics - Log Analysis (CVE-2022-2047)    
1.3.7.2 IF003A** CVE-2017-13098 Logstash Security Bulletin: Vulnerability in Bouncy Castle used by Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2017-13098)    
1.3.7.2 IF003A** CVE-2020-13956 Logstash Security Bulletin: Potential Vulnerability in Apache HttpClient used by Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2020-13956)    
1.3.7.2 IF003A**
CVE-2022-25857
CVE-2017-18640
 Logstash Security Bulletin: Vulnerabilities in SnakeYAML used by Logstash affects IBM Operations Analytics - Log Analysis (CVE-2022-25857, CVE-2017-18640)   
1.3.7.2 IF003A** CVE-2020-28491 Logstash Security Bulletin: Information disclosure in FasterXML Jackson Dataformats affect IBM Operations Analytics - Log Analysis (CVE-2020-28491)   
1.3.7.2 IF003A** CVE-2021-38153 Logstash Security Bulletin: Vulnerability from Apache Kafka affect IBM Operations Analytics - Log Analysis (CVE-2021-38153)    
1.3.7.2 IF003A** CVE-2018-17196 Logstash Security Bulletin: Vulnerability from Apache Kafka affect IBM Operations Analytics - Log Analysis (CVE-2018-17196)    
1.3.7.2 IF001A** CVE-2020-8908 Apache Solr Security Bulletin: Vulnerability in Guava API affect IBM Operations Analytics - Log Analysis (CVE-2020-8908)     
1.3.7.2 IF001A**
CVE-2022-26612
CVE-2022-25168
 Apache Solr Security Bulletin: Vulnerabilities in Apache Hadoop affect IBM Operations Analytics - Log Analysis (CVE-2022-26612, CVE-2022-25168)    
1.3.7.2 IF001A** CVE-2022-23437 Apache Solr Security Bulletin: Vulnerability from Apache Xerces2 affect IBM Operations Analytics - Log Analysis (CVE-2022-23437)    
1.3.7.2 IF001A** CVE-2022-33980 Apache Solr Security Bulletin: Potential vulnerability in Apache Commons Configuration affect IBM Operations Analytics - Log Analysis (CVE-2022-33980)    
1.3.7.2 IF001A**
CVE-2022-30126
CVE-2022-33879
CVE-2022-30973
 Apache Solr Security Bulletin: IBM Operations Analytics - Log Analysis vulnerable to multiple vulnerabilities in Apache Tika (CVE-2022-30126, CVE-2022-33879, CVE-2022-30973)   
1.3.7.2 IF001A** CVE-2022-25169 Apache Solr Security Bulletin: IBM Operations Analytics - Log Analysis susceptible to vulnerability in Apache Tika (CVE-2022-25169)    
1.3.7.2 IF001A**
CVE-2020-9489
CVE-2022-25169
CVE-2021-28657
 Apache Solr Security Bulletin: IBM Operations Analytics - Log Analysis susceptible to multiple vulnerabilities in Apache Tika (CVE-2020-9489, CVE-2022-25169, CVE-2021-28657)   
1.3.7.2 IF001A** CVE-2021-22569 Apache Solr Security Bulletin: Vulnerability from Google Protocol Buffer affect IBM Operations Analytics - Log Analysis (CVE-2021-22569)   
1.3.7.2 IF001A** CVE-2022-36364 Apache Solr Security Bulletin: Potential vulnerability in Apache Calcite Avatica affects IBM Operations Analytics - Log Analysis (CVE-2022-36364)   
1.3.7.2 IF001A** CVE-2022-2048 Apache Solr Security Bulletin: Vulnerability from Eclipse Jetty affect IBM Operations Analytics - Log Analysis (CVE-2022-2048)   
1.3.7.2 IF001A** CVE-2022-42889 Apache Solr Security Bulletin: Vulnerability in Apache Commons Text used by Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2022-42889)   
1.3.x IF007 CVE-2018-15494 Log Analysis Security Bulletin: Potential vulnerability in Dojo affect IBM Operations Analytics - Log Analysis (CVE-2018-15494)    
1.3.7.2 CVE-2019-17571
CVE-2020-9488		 Log Analysis Security Bulletin: Vulnerabilities from log4j affect IBM Operations Analytics - Log Analysis (CVE-2019-17571, CVE-2020-9488)     
1.3.7.2 CVE-2021-4104
CVE-2020-9493
CVE-2022-23305
CVE-2022-23302
CVE-2020-9488
CVE-2022-23307
CVE-2019-17571
Log Analysis
 Security Bulletin: Multiple vulnerabilities in log4j-1.2.16.jar used by IBM Operations Analytics - Log Analysis   
1.3.7.1 Internal Vulnerability Log Analysis Cookie with Insecure or Improper or Missing SameSite attribute
1.3.7.1 CVE-2019-10094
CVE-2018-17197
CVE-2020-1951
CVE-2019-10093
CVE-2020-1950
CVE-2020-9489		 Apache Solr Security Bulletin: Apache Solr, shipped with IBM Operations Analytics - Log Analysis, susceptible to multiple vulnerabilities in Apache Tika   
1.3.7.1 CVE-2019-14262 Apache Solr Security Bulletin: Vulnerability in MetadataExtractor used by Apache Solr affect IBM Operations Analytics - Log Analysis Analysis (CVE-2019-14262)   
1.3.7 IF001 Internal Vulnerability Log Analysis CSRFToken is not validated or updated on logout and login
The CSRFToken is not validated or updated on each logout and login by Log Analysis.  Token value remains the same for all the logins and active sessions until users close the browser.
1.3.7 IF001 Internal Vulnerability Log Analysis Log Analysis Help pages are vulnerable to Clickjacking
X-frame-Option header was implemented for Log Analysis application.  However, this was not implemented for Log Analysis help pages to prevent Clickjacking.
1.3.7 CVE-2017-1000190 Apache Solr Security Bulletin: Vulnerability in Apache Solr affects IBM Operations Analytics - Log Analysis (CVE-2017-1000190)
1.3.7 CVE-2020-11620
CVE-2020-10969
CVE-2020-14062
CVE-2020-14060
CVE-2020-11112
CVE-2020-10968
CVE-2020-10672
CVE-2020-9548
CVE-2020-9546
CVE-2020-11619
CVE-2020-11111
CVE-2020-14195
CVE-2020-14061
CVE-2020-11113
CVE-2020-9547
CVE-2020-10673
CVE-2019-10202
CVE-2019-17531
CVE-2019-14893
CVE-2020-8840
CVE-2019-10172		 Apache Solr Security Bulletin: Series of vulnerabilities in FasterXML jackson-databind affect Apache Solr shipped with IBM Operations Analytics - Log Analysis
1.3.7 CVE-2019-17558 Apache Solr Security Bulletin: Vulnerability in Apache Solr affects IBM Operations Analytics - Log Analysis (CVE-2019-17558)  
1.3.7 CVE-2014-3643 Apache Zookeeper Security Bulletin: Vulnerability in jersey affect Apache Zookeeper shipped with IBM Operations Analytics - Log Analysis (CVE-2014-3643) 
1.3.7 CVE-2015-5237 Apache Solr Security Bulletin: protobuf Vulnerability in Apache Solr affect IBM Operations Analytics - Log Analysis Analysis (CVE-2015-5237)   
1.3.7 CVE-2019-10246
CVE-2019-10247
CVE-2019-10241		 Apache Solr Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affect Apache Solr shipped with IBM Operations Analytics - Log Analysis 
1.3.7 CVE-2020-1945 Apache Ant Security Bulletin: Vulnerability in Apache Ant affect IBM Operations Analytics - Log Analysis Analysis (CVE-2020-1945)    
1.3.7 CVE-2019-17359 Apache Solr Security Bulletin: Vulnerability in Bouncy Castle affect Apache Solr shipped IBM Operations Analytics - Log Analysis Analysis (CVE-2019-17359)  
1.3.7 CVE-2019-12402 Apache Solr Security Bulletin: Vulnerability in Apache Commons Compress affect Apache Solr shipped IBM Operations Analytics - Log Analysis Analysis (CVE-2019-12402)    
1.3.7 CVE-2018-11766
CVE-2017-15713		 Apache Solr Security Bulletin: Multiple vulnerabilities in Apache Hadoop affect Apache Solr shipped with IBM Operations Analytics - Log Analysis   
1.3.7 CVE-2019-0201 Apache Zookeeper Security Bulletin: IBM Operations Analytics - Log Analysis is affected by an Apache Zookeeper vulnerability (CVE-2019-0201)   
1.3.7 CVE-2018-11768 Apache Solr Security Bulletin: Vulnerability in Apache Hadoop affect Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2018-11768)  
1.3.7 CVE-2019-12415 Apache Solr Security Bulletin: Apache Solr, shipped with IBM Operations Analytics - Log Analysis, susceptible to vulnerability in Apache POI (CVE-2019-12415)     
1.3.7 CVE-2019-0228 Apache Solr Security Bulletin: Vulnerability in Apache PDFBox affect Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2019-0228) 
  
1.3.7 CVE-2018-1000613
CVE-2016-1000342
CVE-2016-1000344
CVE-2016-1000345
CVE-2016-1000339
CVE-2016-1000346
CVE-2016-1000338
CVE-2016-1000343
CVE-2016-1000340
CVE-2016-1000352
CVE-2015-6644
CVE-2016-1000341
CVE-2018-1000180		 Apache Solr
1.3.7 CVE-2018-14718
CVE-2018-14719
CVE-2018-19362
CVE-2018-14721
CVE-2018-11307
CVE-2019-16335
CVE-2018-19361
CVE-2018-14720
CVE-2018-19360
CVE-2019-14540
CVE-2019-14379
CVE-2018-12023
CVE-2019-14439
CVE-2019-12814
CVE-2018-12022
CVE-2018-5968
CVE-2019-12384
CVE-2019-12086		 Apache Solr
1.3.7 Internal Vulnerability Apache Solr Vulnerabilities from Apache Commons Fileupload: Apache Solr (Lucene)
The class FileUploadBase in Apache Commons Fileupload before 1.4 has potential resource leak - InputStream not closed on exception.
1.3.7 Internal Vulnerability Apache Solr,
Log Analysis		 Apache Solr (Lucene) and Unity are vulnerable to Apache commons-codec 
 
1.3.7 CVE-2013-4002
CVE-2012-0881
CVE-2009-2625		 Apache Solr Security Bulletin: Apache Solr, shipped with IBM Operations Analytics - Log Analysis, susceptible to multiple vulnerabilities in Apache Xerces2    
1.3.7 CVE-2018-10237 Apache Solr Security Bulletin: A vulnerability in Apache Solr affects IBM Operations Analytics - Log Analysis Analysis (CVE-2018-10237)   
1.3.7 CVE-2018-1000632 Apache Solr Security Bulletin: dom4j Vulnerability in Apache Solr shipped with IBM Operations Analytics - Log Analysis Analysis (CVE-2018-1000632)   
1.3.7 CVE-2018-11761
CVE-2018-17197
CVE-2019-10088
CVE-2019-10094
CVE-2018-11796		 Apache Solr Security Bulletin: Multiple vulnerabilities in Apache Tika affects Apache Solr shipped with IBM Operations Analytics - Log Analysis 
 
1.3.7 CVE-2018-8017 Apache Solr Security Bulletin: Vulnerability with Apache Tika in Apache Solr affects IBM Operations Analytics - Log Analysis Analysis (CVE-2018-8017)   
1.3.7 CVE-2018-11797 Apache Solr Security Bulletin: Vulnerability in Apache PDFBox affect Apache Solr shipped IBM Operations Analytics - Log Analysis Analysis (CVE-2018-11797)   
1.3.7 CVE-2018-8036 Apache Solr Security Bulletin: Vulnerability in Apache PDFBox affects Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2018-8036)   
1.3.6.1 Internal Vulnerability Log Analysis Security Bulletin: Content Spoofing vulnerability in IBM Operations Analytics - Log Analysis 
1.3.6.1 Internal Vulnerability Log Analysis Security Bulletin: Insecure Path Attribute in IBM Operations Analytics - Log Analysis (CSRFToken , LtpaToken2)   
1.3.6.1 Internal Vulnerability Log Analysis Security Bulletin: Cross site Scripting (Reflected) vulnerability in IBM Operations Analytics - Log Analysis    
1.3.6.1 Internal Vulnerability Log Analysis Security Bulletin: Host Header Injection vulnerability in IBM Operations Analytics - Log Analysis (pre-login scenario)   
1.3.6.1 CVE-2017-3164 Apache Solr Security Bulletin: Potential vulnerability (SSRF) in Apache Solr affect IBM Operations Analytics - Log Analysis (CVE-2017-3164)   
1.3.6 IF001 Internal Vulnerability Log Analysis Security Bulletin: Query Parameter in SSL vulnerability in IBM Operations Analytics - Log Analysis   
1.3.6 CVE-2019-4216 WebSphere Application Server Liberty Security Bulletin: IBM Operations Analytics - Log Analysis is vulnerable to potential Host Header Injection (CVE-2019-4216)   
1.3.6 CVE-2019-4243 Apache Solr Security Bulletin: A vulnerability in Apache Solr (Lucene) affects IBM Operations Analytics - Log Analysis (CVE-2019-4243)   
1.3.6 CVE-2019-4215 WebSphere Application Server Liberty Security Bulletin: Clickjacking vulnerability in IBM Operations Analytics - Log Analysis (CVE-2019-4215)   
1.3.6 CVE-2019-4214 WebSphere Application Server Liberty Security Bulletin: Log Analysis is vulnerable to a client side scripting attack due to missing HTTPOnly and Secure attribute in the cookie   
1.3.6 CVE-2019-4244 Apache Zookeeper Security Bulletin: IBM Operations Analytics - Log Analysis is affected by an Apache Zookeeper vulnerability (CVE-2019-4244) 
 
1.3.6 Internal Vulnerability Log Analysis Security Bulletin: Log Analysis is vulnerable to Injection Attacks   
1.3.6 CVE-2020-13957 Apache Solr Security Bulletin: Vulnerability related to unauthenticated uploads in Apache Solr affect IBM Operations Analytics - Log Analysis (CVE-2020-13957) 
 
1.3.5.3 CVE-2019-0192 Apache Solr Security Bulletin: Potential vulnerability related to Unsafe Deserialization in Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2019-0192)    
** 1.3.7.2 IF001A supersedes 1.3.7.2 IF001, while 1.3.7.2 IF003A supersedes 1.3.7.2 IF003
This table contains a list of vulnerabilities that were resolved by the respective version of the component.
Affected Log Analysis Version CVE No. Component Vulnerability Description
1.3.5.3, 1.3.6.x, 1.3.7.x, 1.3.8.x CVE-2024-22354 WebSphere Application Liberty Security Bulletin: A vulnerability in WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2024-22354)   
1.3.5.3, 1.3.6.x, 1.3.7.x, 1.3.8.x CVE-2023-50312 WebSphere Application Liberty Security Bulletin: Vulnerability in WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2023-50312)   
1.3.5.3, 1.3.6.x, 1.3.7.x, 1.3.8.x CVE-2024-25026
CVE-2024-22329		 WebSphere Application Liberty Security Bulletin: Multiple vulnerabilities in WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2024-25026, CVE-2024-22329)   
1.3.5.3, 1.3.6.x, 1.3.7.x CVE-2022-34165
CVE-2022-22476
CVE-2019-11777		 WebSphere Application Liberty IBM WebSphere Application Server Liberty is vulnerable to HTTP header injection, identity spoofing and unverified connection to MQTT server. It's fixed in 1.3.8
1.3.5.3, 1.3.6.x, 1.3.7.x CVE-2023-24998 WebSphere Application Liberty Security Bulletin: Denial of Service in Apache Commons used by WebSphere Application Server affect IBM Operations Analytics - Log Analysis (CVE-2023-24998)  
1.3.5.3, 1.3.6, 1.3.6.1, 1.3.7, 1.3.7.1, 1.3.7.2 CVE-2022-34165 WebSphere Application Liberty Security Bulletin: Vulnerability in IBM WebSphere Application Server and IBM WebSphere Application Server Liberty affects IBM Operations Analytics - Log Analysis (CVE-2022-34165)   
1.3.5.3, 1.3.6, 1.3.6.1, 1.3.7, 1.3.7.1 , 1.3.7.2 CVE-2022-22476 WebSphere Application Liberty Security Bulletin: Identity Spoofing vulnerability in IBM WebSphere Application Server Liberty affects IBM Operations Analytics - Log Analysis (CVE-2022-22476)    
1.3.5.3, 1.3.6, 1.3.6.1, 1.3.7, 1.3.7.1, 1.3.7.2 CVE-2022-22475 WebSphere Application Server Liberty Security Bulletin: Identity Spoofing vulnerability in IBM WebSphere Application Server Liberty affects IBM Operations Analytics - Log Analysis (CVE-2022-22475)    
1.3.5.3, 1.3.6, 1.3.6.1, 1.3.7, 1.3.7.1, 1.3.7.2 CVE-2021-44832
CVE-2021-45105		 Apache Solr Security Bulletin: Vulnerabilities from log4j-core-2.16.0.jar affect IBM Operations Analytics - Log Analysis (CVE-2021-44832, CVE-2021-45105)   
1.3.5.3, 1.3.6, 1.3.6.1, 1.3.7, 1.3.7.1 CVE-2021-44228
Apache Solr 
Logstash
 Security Bulletin: Log4j remote code execution vulnerability in Apache Solr and Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2021-44228)   
1.3.5.3, 1.3.6, 1.3.6.1, 1.3.7, 1.3.7.1
CVE-2021-35517
CVE-2021-36090
 WebSphere Application Server Liberty Security Bulletin: Multiple Vulnerabilities in WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2021-35517, CVE-2021-36090)    
1.3.5.3, 1.3.6.1, 1.3.6
 CVE-2020-4590 WebSphere Application Server Liberty Security Bulletin: Vulnerability in WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2020-4590) 
1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5
 CVE-2019-4046 WebSphere Application Server Liberty Security Bulletin: Potential denial of service vulnerability in WebSphere Application Server affect IBM Operations Analytics - Log Analysis (CVE-2019-4046)   
1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5.1, 1.3.5.2
 CVE-2018-10237 WebSphere Application Server Liberty Security Bulletin: Potential denial of service in WebSphere Application Server shipped with IBM Operations Analytics - Log Analysis (CVE-2018-10237) 
1.3.5 CVE-2017-12624 WebSphere Application Server Liberty Security Bulletin: Denial of Service in Apache CXF used by WebSphere Application Server affect IBM Operations Analytics - Log Analysis (CVE-2017-12624)   
1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5
 CVE-2018-1447
CVE-2018-1388
CVE-2016-0702
CVE-2016-0705
CVE-2017-3732
CVE-2017-3736
CVE-2018-1428
CVE-2018-1427
CVE-2018-1426		 IBM Tivoli
Monitoring		 Security Bulletin: Multiple vulnerabilities affect the GSKit component of IBM Tivoli Monitoring shipped with IBM Operations Analytics - Log Analysis   
1.3.5 CVE-2018-1683 WebSphere Application Server Liberty Security Bulletin: Information disclosure in WebSphere Application Server Liberty bundled with IBM Operations Analytics - Log Analysis (CVE-2018-1683)   
1.3.5 CVE-2018-8039 WebSphere Application Server Liberty Security Bulletin: Potential MITM attack in Apache CXF used by WebSphere Application Server affects IBM Operations Analytics - Log Analysis (CVE-2018-8039)   
1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5
 CVE-2018-1901 WebSphere Application Server Liberty Security Bulletin: Potential Privilege Escalation Vulnerability in WebSphere Application Server shipped with IBM Operations Analytics - Log Analysis (CVE-2018-1901)  
  
1.3.5 CVE-2018-1553 WebSphere Application Server Liberty Security Bulletin: Information disclosure in WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2018-1553)    
1.3.4, 1.3.5
 CVE-2014-7810 WebSphere Application Server Liberty Security Bulletin: Vulnerability in Expression Language library used by WebSphere Application Server shipped with IBM Operations Analytics - Log Analysis (CVE-2014-7810)     
1.3.5 CVE-2018-1851 WebSphere Application Server Liberty Security Bulletin: Code execution vulnerability with OpenID connect in WebSphere Application Server Liberty affects IBM Operations Analytics - Log Analysis (CVE-2018-1851)   
1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5
 CVE-2018-1755 WebSphere Application Server Liberty Security Bulletin: Information disclosure in WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2018-1755)    

[{"Type":"MASTER","Line of Business":{"code":"LOB67","label":"IT Automation \u0026 App Modernization"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSPFMY","label":"IBM Operations Analytics - Log Analysis"},"ARM Category":[{"code":"a8m50000000L0qYAAS","label":"Log Analysis"},{"code":"a8m50000000CcMiAAK","label":"Log Analysis-\u003EFramework-\u003ESecurity - Vulnerabilities"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]

Document Information

Modified date:
26 September 2024

UID

ibm16483079

Page Feedback