New Alerts for TRUMPF, IBM, Lenovo, and Linux. Splunk Quarterly Patches are expected out today.
TRUMPF
A number of TRUMPF software tools use the OPC UA Server, which contains several vulnerabilities that would allow a remote attacker to send malicious data to the application, resulting in a DoS. CVSSv3 score of 7.5
More info.
Multiple vulnerabilities in expat, glibc, http server, dojo, openssl shipped with Cloud Pak System. Highest CVSSv3 score of 9.8
More info.
A vulnerability in Apache Commons Configuration affects IBM SPSS Modeler. CVSSv3 score of 9.8
More info.
Lenovo (IBM) Storage products are affected by a vulnerability in the challenge/response authentication mechanism used for remote support which, under specific conditions, may allow unauthorized access as credentials can be reused on the product's management GUI. CVSSv3 score of 5.6
More info.
SUSE has updated the kernel. More info.
Red Hat has updated the kernel and kpatch. More info.
CentOS has updated the kernel and microcode_ctl. More info.
Comments