
IBM has released fixes for numerous product vulnerabilities, the most serious of which are a pair of high-severity remote code execution bugs in its Data Virtualization Manager and Security SOAR offerings, reports SecurityWeek.
Attackers could exploit the Data Virtualization Manager for z/OS flaw, tracked as CVE-2024-52899, to inject malicious JDBC URL parameters and run arbitrary code, while the Security SOAR prototype pollution issue, tracked as CVE-2024-45801, could be leveraged to trigger arbitrary code execution and a denial-of-service condition, according to IBM. Other security vulnerabilities patched by IBM include the Watson Speech Services Cartridge for Cloud Pak for Data and OpenSSL flaws, tracked as CVE-2024-49353 and CVE-2024-6119, respectively, as well as three Engineering Lifecycle Management issues, which could be used in cross-site scripting attacks. Immediate application of the patches has been recommended even though no active exploitation of any of the flaws has been reported.