Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-29371 (GCVE-0-2024-29371)
Vulnerability from cvelistv5 – Published: 2025-12-17 00:00 – Updated: 2026-01-23 19:28
VLAI
EPSS
Summary
In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-1259 - Improper Restriction of Security Token Assignment
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-29371",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-17T18:38:20.096134Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1259",
"description": "CWE-1259 Improper Restriction of Security Token Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-17T18:48:36.126Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-23T19:28:10.386Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-29371",
"datePublished": "2025-12-17T00:00:00.000Z",
"dateReserved": "2024-03-19T00:00:00.000Z",
"dateUpdated": "2026-01-23T19:28:10.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-29371",
"date": "2026-06-18",
"epss": "0.00244",
"percentile": "0.15319"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-29371\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2025-12-17T16:16:04.567\",\"lastModified\":\"2026-01-23T20:15:51.650\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1259\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jose4j_project:jose4j:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.9.5\",\"matchCriteriaId\":\"DE62FF6D-FC62-42B0-9ED4-76A0C4419975\"}]}]}],\"references\":[{\"url\":\"https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Mitigation\"]},{\"url\":\"https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Mitigation\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-29371\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-17T18:38:20.096134Z\"}}}], \"references\": [{\"url\": \"https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack\", \"tags\": [\"exploit\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1259\", \"description\": \"CWE-1259 Improper Restriction of Security Token Assignment\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-17T18:15:31.759Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2026-01-23T19:28:10.386Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-29371\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-23T19:28:10.386Z\", \"dateReserved\": \"2024-03-19T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2025-12-17T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SUSE-SU-2026:1010-1
Vulnerability from csaf_suse - Published: 2026-03-25 10:10 - Updated: 2026-03-25 10:10Summary
Security update 5.0.7 for Multi-Linux Manager Server
Severity
Important
Notes
Title of the patch: Security update 5.0.7 for Multi-Linux Manager Server
Description of the patch: This update fixes the following issues:
branch-network-formula:
- Update to version 1.1.0
* Enable containers on SLE15SP7
* Exclude podman interfaces from sysctl setting
cobbler:
- Compatibility fixes for tftpboot directory setup
inter-server-sync:
- Version 0.3.10-0
* Write log to a rotated file without rsyslog and logrotate
* Recreate cobbler entries on the import (bsc#1220899)
* remove support for 4.2 file based pillars
* use correct hostname detection for 5.x servers
(bsc#1253322)
jose4j:
- CVE-2024-29371: Safeguard against excessive resource utilization by
restricting the size of data during JWE payload decompression (bsc#1255298)
liberate-formula:
- Version 0.1.2
* Add option to prevent logo packages from being installed
spacecmd:
- Version 5.0.15-0
* Fix typo in spacecmd help ca-cert flag (bsc#1253174)
* Convert cached IDs to int (bsc#1251995)
* Fix spacecmd binary file upload (bsc#1253659)
spacewalk-backend:
- Version 5.0.17-0
* Fix reposync mediaproduct fetch when
URL contains auth token (bsc#1252388)
spacewalk-certs-tools:
- Version 5.0.13-0
* Fix bootstrap script for SLM 6.2 (bsc#1257992)
* Fix failing bootstrap with bootstrap script on SLES 16
and SL Micro 6.2 (bsc#1256991)
spacewalk-client-tools:
- Version 5.0.12-0
* Update translation strings
spacewalk-config:
- Version 5.0.9-0
* Enable HSTS in Apache config (bsc#1255176)
* Force SameSite=Lax on all Set-Cookie headers (bsc#1253711)
spacewalk-java:
- Version 5.0.31-0
* Commit DB changes before refreshing pillar for SSH push minions
(bsc#1253712)
* Fix http proxy verification (bsc#1253501)
* Fix: Broken URL in API docs (bsc#1244177)
* Fix crash in ubuntu errata sync on deleted channel ids
(bsc#1250561)
* Fix dnf updateinfo showing wrong severity for
security updates (bsc#1252937)
* Add details on config channels and state order in UI
(bsc#1253285)
* fix reposync crashing at metadata generation (bsc#1257538)
* Block multiple versions of the same package
from being locked (bsc#1246315)
* Use PackageEvr instead of string for fix_version (bsc#1252638)
* Add multi-thread support for message queue (bsc#1247722)
* Fix ungrouped systems list menu item (bsc#1254251)
spacewalk-proxy:
- Version 5.0.8-0
* Disable listing the content of /icons (bsc#1247544)
spacewalk-proxy-installer:
- Version 5.0.3-0
* Configure squid replacement policy properly before cache dir
(bsc#1253773)
spacewalk-web:
- Version 5.0.26-0
* Update web UI dependencies
* Add details on config channels and state order in UI
(bsc#1253285)
susemanager:
- Version 5.0.17-0
* Fix the product ids of client tools channels
* Fixed the package name to correct one (bsc#1255089)
susemanager-build-keys:
- Add openSUSE Backports for SUSE Linux 16 key (bsc#1257255)
susemanager-docs_en:
- Updated the screenshots in multiple sections in Installation and Upgrade Guide
- Reformatted storage-scripts table to use plain paragraphs instead of bullet
lists to fix po4a extraction issue causing missing bullets in CJK translations
- Added a warning for all instances where mgradm upgrade podman is used
- Added section about container-based Kiwi image build support to Administration
guide (bsc#1251865)
- Included global GPG decryption for pillar data in specialized guide
(bsc#1255743)
- CIS removed from list of supported OpenSCAP profiles
- Changes example for the third-party repository GPG keys (bsc#1255857)
- Added SLE16 and openSUSE Leap 16 as supported clients
- Explained how to generate the proxy certificates on a peripheral server
(bsc#1249425)
- Improved procedure formatting for better clarity in Administration Guide
(bsc#1253660)
- Added links to man pages for createrepo_c and reprepro to Administration
Guide (bsc#1237181)
- Added missing options to command example in Installation and Upgrade Guide
(bsc#1252908)
- Added non-SUSE URLs to requirements in installation and Upgrade Guide
(bsc#1252665)
- Fixed typo for command options in Reference Guide (bsc#1253174)
- Added additional step for client deletion in Client Configuration Guide
(bsc#1253249)
- Clarified server config option for spacemd in Refrence Guide (bsc#1253197)
- Changed the installation instructions to use product instead of packages
(bsc#1249041)
susemanager-schema:
- Version 5.0.18-0
* Refactor oval related tables (bsc#1252638)
* Increase size of column 'context' on tables
'suseappstream' and 'suseserverappstream' (bsc#1255653)
* Add leftovers of partially missing ARMHF for Debian (bsc#1248783)
susemanager-sls:
- Version 5.0.21-0
* Fix error on shutdown for sles 12 (bsc#1255634)
* Fix bootstrap for SLM 6.2 and newer (bsc#1257992)
* Make mgr_events salt engine non-blocking on reading events
* Avoid losing the events on DB connection issues (bsc#1252098)
Patchnames: SUSE-2026-1010,SUSE-SUSE-Manager-Proxy-5.0-2026-1010,SUSE-SUSE-Manager-Retail-Branch-Server-5.0-2026-1010,SUSE-SUSE-Manager-Server-5.0-2026-1010
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-image-5.0.7-7.37.12.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
48 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update 5.0.7 for Multi-Linux Manager Server",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\nbranch-network-formula:\n\n- Update to version 1.1.0 \n * Enable containers on SLE15SP7\n * Exclude podman interfaces from sysctl setting\n\ncobbler:\n\n- Compatibility fixes for tftpboot directory setup\n\ninter-server-sync:\n\n- Version 0.3.10-0\n * Write log to a rotated file without rsyslog and logrotate\n * Recreate cobbler entries on the import (bsc#1220899)\n * remove support for 4.2 file based pillars\n * use correct hostname detection for 5.x servers\n (bsc#1253322)\n\njose4j:\n\n- CVE-2024-29371: Safeguard against excessive resource utilization by\n restricting the size of data during JWE payload decompression (bsc#1255298)\n\nliberate-formula:\n\n- Version 0.1.2\n * Add option to prevent logo packages from being installed \n\nspacecmd:\n\n- Version 5.0.15-0\n * Fix typo in spacecmd help ca-cert flag (bsc#1253174)\n * Convert cached IDs to int (bsc#1251995)\n * Fix spacecmd binary file upload (bsc#1253659)\n\nspacewalk-backend:\n\n- Version 5.0.17-0\n * Fix reposync mediaproduct fetch when\n URL contains auth token (bsc#1252388)\n\nspacewalk-certs-tools:\n\n- Version 5.0.13-0\n * Fix bootstrap script for SLM 6.2 (bsc#1257992)\n * Fix failing bootstrap with bootstrap script on SLES 16\n and SL Micro 6.2 (bsc#1256991)\n\nspacewalk-client-tools:\n\n- Version 5.0.12-0\n * Update translation strings\n\nspacewalk-config:\n\n- Version 5.0.9-0\n * Enable HSTS in Apache config (bsc#1255176)\n * Force SameSite=Lax on all Set-Cookie headers (bsc#1253711)\n\nspacewalk-java:\n\n- Version 5.0.31-0\n * Commit DB changes before refreshing pillar for SSH push minions\n (bsc#1253712)\n * Fix http proxy verification (bsc#1253501)\n * Fix: Broken URL in API docs (bsc#1244177)\n * Fix crash in ubuntu errata sync on deleted channel ids\n (bsc#1250561)\n * Fix dnf updateinfo showing wrong severity for\n security updates (bsc#1252937)\n * Add details on config channels and state order in UI\n (bsc#1253285)\n * fix reposync crashing at metadata generation (bsc#1257538)\n * Block multiple versions of the same package\n from being locked (bsc#1246315)\n * Use PackageEvr instead of string for fix_version (bsc#1252638)\n * Add multi-thread support for message queue (bsc#1247722)\n * Fix ungrouped systems list menu item (bsc#1254251)\n\nspacewalk-proxy:\n\n- Version 5.0.8-0\n * Disable listing the content of /icons (bsc#1247544)\n\nspacewalk-proxy-installer:\n\n- Version 5.0.3-0\n * Configure squid replacement policy properly before cache dir\n (bsc#1253773)\n\nspacewalk-web:\n\n- Version 5.0.26-0\n * Update web UI dependencies\n * Add details on config channels and state order in UI\n (bsc#1253285)\n\nsusemanager:\n\n- Version 5.0.17-0\n * Fix the product ids of client tools channels\n * Fixed the package name to correct one (bsc#1255089)\n\nsusemanager-build-keys:\n\n- Add openSUSE Backports for SUSE Linux 16 key (bsc#1257255)\n\nsusemanager-docs_en:\n\n- Updated the screenshots in multiple sections in Installation and Upgrade Guide\n- Reformatted storage-scripts table to use plain paragraphs instead of bullet\n lists to fix po4a extraction issue causing missing bullets in CJK translations\n- Added a warning for all instances where mgradm upgrade podman is used\n- Added section about container-based Kiwi image build support to Administration\n guide (bsc#1251865)\n- Included global GPG decryption for pillar data in specialized guide\n (bsc#1255743)\n- CIS removed from list of supported OpenSCAP profiles\n- Changes example for the third-party repository GPG keys (bsc#1255857)\n- Added SLE16 and openSUSE Leap 16 as supported clients\n- Explained how to generate the proxy certificates on a peripheral server\n (bsc#1249425)\n- Improved procedure formatting for better clarity in Administration Guide\n (bsc#1253660)\n- Added links to man pages for createrepo_c and reprepro to Administration\n Guide (bsc#1237181)\n- Added missing options to command example in Installation and Upgrade Guide\n (bsc#1252908)\n- Added non-SUSE URLs to requirements in installation and Upgrade Guide\n (bsc#1252665)\n- Fixed typo for command options in Reference Guide (bsc#1253174)\n- Added additional step for client deletion in Client Configuration Guide\n (bsc#1253249)\n- Clarified server config option for spacemd in Refrence Guide (bsc#1253197)\n- Changed the installation instructions to use product instead of packages\n (bsc#1249041) \n\nsusemanager-schema:\n\n- Version 5.0.18-0\n * Refactor oval related tables (bsc#1252638)\n * Increase size of column \u0027context\u0027 on tables\n \u0027suseappstream\u0027 and \u0027suseserverappstream\u0027 (bsc#1255653)\n * Add leftovers of partially missing ARMHF for Debian (bsc#1248783)\n\nsusemanager-sls:\n\n- Version 5.0.21-0\n * Fix error on shutdown for sles 12 (bsc#1255634)\n * Fix bootstrap for SLM 6.2 and newer (bsc#1257992)\n * Make mgr_events salt engine non-blocking on reading events\n * Avoid losing the events on DB connection issues (bsc#1252098)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-1010,SUSE-SUSE-Manager-Proxy-5.0-2026-1010,SUSE-SUSE-Manager-Retail-Branch-Server-5.0-2026-1010,SUSE-SUSE-Manager-Server-5.0-2026-1010",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1010-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:1010-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261010-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:1010-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024920.html"
},
{
"category": "self",
"summary": "SUSE Bug 1220899",
"url": "https://bugzilla.suse.com/1220899"
},
{
"category": "self",
"summary": "SUSE Bug 1237181",
"url": "https://bugzilla.suse.com/1237181"
},
{
"category": "self",
"summary": "SUSE Bug 1244177",
"url": "https://bugzilla.suse.com/1244177"
},
{
"category": "self",
"summary": "SUSE Bug 1246315",
"url": "https://bugzilla.suse.com/1246315"
},
{
"category": "self",
"summary": "SUSE Bug 1247544",
"url": "https://bugzilla.suse.com/1247544"
},
{
"category": "self",
"summary": "SUSE Bug 1247722",
"url": "https://bugzilla.suse.com/1247722"
},
{
"category": "self",
"summary": "SUSE Bug 1248783",
"url": "https://bugzilla.suse.com/1248783"
},
{
"category": "self",
"summary": "SUSE Bug 1249041",
"url": "https://bugzilla.suse.com/1249041"
},
{
"category": "self",
"summary": "SUSE Bug 1249425",
"url": "https://bugzilla.suse.com/1249425"
},
{
"category": "self",
"summary": "SUSE Bug 1250561",
"url": "https://bugzilla.suse.com/1250561"
},
{
"category": "self",
"summary": "SUSE Bug 1251865",
"url": "https://bugzilla.suse.com/1251865"
},
{
"category": "self",
"summary": "SUSE Bug 1251995",
"url": "https://bugzilla.suse.com/1251995"
},
{
"category": "self",
"summary": "SUSE Bug 1252098",
"url": "https://bugzilla.suse.com/1252098"
},
{
"category": "self",
"summary": "SUSE Bug 1252388",
"url": "https://bugzilla.suse.com/1252388"
},
{
"category": "self",
"summary": "SUSE Bug 1252638",
"url": "https://bugzilla.suse.com/1252638"
},
{
"category": "self",
"summary": "SUSE Bug 1252665",
"url": "https://bugzilla.suse.com/1252665"
},
{
"category": "self",
"summary": "SUSE Bug 1252908",
"url": "https://bugzilla.suse.com/1252908"
},
{
"category": "self",
"summary": "SUSE Bug 1252937",
"url": "https://bugzilla.suse.com/1252937"
},
{
"category": "self",
"summary": "SUSE Bug 1253174",
"url": "https://bugzilla.suse.com/1253174"
},
{
"category": "self",
"summary": "SUSE Bug 1253197",
"url": "https://bugzilla.suse.com/1253197"
},
{
"category": "self",
"summary": "SUSE Bug 1253249",
"url": "https://bugzilla.suse.com/1253249"
},
{
"category": "self",
"summary": "SUSE Bug 1253285",
"url": "https://bugzilla.suse.com/1253285"
},
{
"category": "self",
"summary": "SUSE Bug 1253322",
"url": "https://bugzilla.suse.com/1253322"
},
{
"category": "self",
"summary": "SUSE Bug 1253501",
"url": "https://bugzilla.suse.com/1253501"
},
{
"category": "self",
"summary": "SUSE Bug 1253659",
"url": "https://bugzilla.suse.com/1253659"
},
{
"category": "self",
"summary": "SUSE Bug 1253660",
"url": "https://bugzilla.suse.com/1253660"
},
{
"category": "self",
"summary": "SUSE Bug 1253711",
"url": "https://bugzilla.suse.com/1253711"
},
{
"category": "self",
"summary": "SUSE Bug 1253712",
"url": "https://bugzilla.suse.com/1253712"
},
{
"category": "self",
"summary": "SUSE Bug 1253773",
"url": "https://bugzilla.suse.com/1253773"
},
{
"category": "self",
"summary": "SUSE Bug 1254251",
"url": "https://bugzilla.suse.com/1254251"
},
{
"category": "self",
"summary": "SUSE Bug 1255089",
"url": "https://bugzilla.suse.com/1255089"
},
{
"category": "self",
"summary": "SUSE Bug 1255176",
"url": "https://bugzilla.suse.com/1255176"
},
{
"category": "self",
"summary": "SUSE Bug 1255298",
"url": "https://bugzilla.suse.com/1255298"
},
{
"category": "self",
"summary": "SUSE Bug 1255634",
"url": "https://bugzilla.suse.com/1255634"
},
{
"category": "self",
"summary": "SUSE Bug 1255653",
"url": "https://bugzilla.suse.com/1255653"
},
{
"category": "self",
"summary": "SUSE Bug 1255743",
"url": "https://bugzilla.suse.com/1255743"
},
{
"category": "self",
"summary": "SUSE Bug 1255857",
"url": "https://bugzilla.suse.com/1255857"
},
{
"category": "self",
"summary": "SUSE Bug 1256991",
"url": "https://bugzilla.suse.com/1256991"
},
{
"category": "self",
"summary": "SUSE Bug 1257255",
"url": "https://bugzilla.suse.com/1257255"
},
{
"category": "self",
"summary": "SUSE Bug 1257538",
"url": "https://bugzilla.suse.com/1257538"
},
{
"category": "self",
"summary": "SUSE Bug 1257992",
"url": "https://bugzilla.suse.com/1257992"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-29371 page",
"url": "https://www.suse.com/security/cve/CVE-2024-29371/"
}
],
"title": "Security update 5.0.7 for Multi-Linux Manager Server",
"tracking": {
"current_release_date": "2026-03-25T10:10:02Z",
"generator": {
"date": "2026-03-25T10:10:02Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:1010-1",
"initial_release_date": "2026-03-25T10:10:02Z",
"revision_history": [
{
"date": "2026-03-25T10:10:02Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"product": {
"name": "suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"product_id": "suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"product": {
"name": "suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"product_id": "suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"product": {
"name": "suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"product_id": "suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"product": {
"name": "suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"product_id": "suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"product": {
"name": "suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"product_id": "suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5.aarch64",
"product": {
"name": "suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5.aarch64",
"product_id": "suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5.aarch64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.aarch64",
"product": {
"name": "suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.aarch64",
"product_id": "suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.aarch64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12.aarch64",
"product": {
"name": "suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12.aarch64",
"product_id": "suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12.aarch64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7.aarch64",
"product": {
"name": "suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7.aarch64",
"product_id": "suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"product": {
"name": "suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"product_id": "suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"product": {
"name": "suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"product_id": "suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"product": {
"name": "suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"product_id": "suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"product": {
"name": "suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"product_id": "suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"product": {
"name": "suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"product_id": "suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5.ppc64le",
"product": {
"name": "suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5.ppc64le",
"product_id": "suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5.ppc64le"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7.ppc64le",
"product": {
"name": "suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7.ppc64le",
"product_id": "suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7.ppc64le"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12.ppc64le",
"product": {
"name": "suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12.ppc64le",
"product_id": "suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12.ppc64le"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7.ppc64le",
"product": {
"name": "suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7.ppc64le",
"product_id": "suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"product": {
"name": "suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"product_id": "suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"product": {
"name": "suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"product_id": "suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"product": {
"name": "suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"product_id": "suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"product": {
"name": "suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"product_id": "suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"product": {
"name": "suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"product_id": "suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5.s390x",
"product": {
"name": "suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5.s390x",
"product_id": "suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5.s390x"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7.s390x",
"product": {
"name": "suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7.s390x",
"product_id": "suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7.s390x"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-s390x-server-image-5.0.7-7.37.12.s390x",
"product": {
"name": "suse-manager-5.0-s390x-server-image-5.0.7-7.37.12.s390x",
"product_id": "suse-manager-5.0-s390x-server-image-5.0.7-7.37.12.s390x"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7.s390x",
"product": {
"name": "suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7.s390x",
"product_id": "suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"product": {
"name": "suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"product_id": "suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"product": {
"name": "suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"product_id": "suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"product": {
"name": "suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"product_id": "suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"product": {
"name": "suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"product_id": "suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"product": {
"name": "suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"product_id": "suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5.x86_64",
"product": {
"name": "suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5.x86_64",
"product_id": "suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5.x86_64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.x86_64",
"product": {
"name": "suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.x86_64",
"product_id": "suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.x86_64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12.x86_64",
"product": {
"name": "suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12.x86_64",
"product_id": "suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12.x86_64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7.x86_64",
"product": {
"name": "suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7.x86_64",
"product_id": "suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Proxy 5.0",
"product": {
"name": "SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:5.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server Extension 5.0",
"product": {
"name": "SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0"
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 5.0",
"product": {
"name": "SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:5.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5.aarch64 as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5.aarch64",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.aarch64 as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.aarch64",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12.aarch64 as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12.aarch64",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7.aarch64 as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7.aarch64",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5.ppc64le as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7.ppc64le as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12.ppc64le as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7.ppc64le as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5.s390x as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5.s390x"
},
"product_reference": "suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5.s390x",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7.s390x as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7.s390x"
},
"product_reference": "suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7.s390x",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-server-image-5.0.7-7.37.12.s390x as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-image-5.0.7-7.37.12.s390x"
},
"product_reference": "suse-manager-5.0-s390x-server-image-5.0.7-7.37.12.s390x",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7.s390x as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7.s390x"
},
"product_reference": "suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7.s390x",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5.x86_64 as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5.x86_64",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.x86_64 as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.x86_64",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12.x86_64 as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12.x86_64",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7.x86_64 as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7.x86_64",
"relates_to_product_reference": "SUSE Manager Server 5.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29371",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-29371"
}
],
"notes": [
{
"category": "general",
"text": "In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-image-5.0.7-7.37.12.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-29371",
"url": "https://www.suse.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "SUSE Bug 1255298 for CVE-2024-29371",
"url": "https://bugzilla.suse.com/1255298"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-image-5.0.7-7.37.12.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-image-5.0.7-7.37.12.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:10:02Z",
"details": "important"
}
],
"title": "CVE-2024-29371"
}
]
}
WID-SEC-W-2026-0517
Vulnerability from csaf_certbund - Published: 2026-02-25 23:00 - Updated: 2026-05-28 22:00Summary
IBM WebSphere Application Server und WebSphere Application Server Liberty: Schwachstelle ermöglicht Denial of Service
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: IBM WebSphere Application Server ist ein J2EE-Applikationsserver.
Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in IBM WebSphere Application Server und WebSphere Application Server Liberty ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Operational Decision Manager 8.11.1.0
IBM / Operational Decision Manager
|
cpe:/a:ibm:operational_decision_manager:8.11.1.0
|
8.11.1.0 | |
|
IBM TXSeries Multiplatforms
IBM / TXSeries
|
cpe:/a:ibm:txseries:multiplatforms
|
Multiplatforms | |
|
IBM Operational Decision Manager 9.0.0.1
IBM / Operational Decision Manager
|
cpe:/a:ibm:operational_decision_manager:9.0.0.1
|
9.0.0.1 | |
|
IBM Operational Decision Manager 9.5.0.1
IBM / Operational Decision Manager
|
cpe:/a:ibm:operational_decision_manager:9.5.0.1
|
9.5.0.1 | |
|
IBM Rational ClearQuest 10.0-10.0.8
IBM / Rational ClearQuest
|
cpe:/a:ibm:rational_clearquest:10.0_-_10.0.8
|
10.0-10.0.8 | |
|
IBM WebSphere Application Server <8.5.5.29 PH69757
IBM / WebSphere Application Server
|
<8.5.5.29 PH69757 | ||
|
IBM Rational ClearQuest 9.1-9.1.0.9
IBM / Rational ClearQuest
|
cpe:/a:ibm:rational_clearquest:9.1_-_9.1.0.9
|
9.1-9.1.0.9 | |
|
IBM WebSphere Application Server Liberty <26.0.0.2 PH69729
IBM / WebSphere Application Server
|
Liberty <26.0.0.2 PH69729 | ||
|
IBM Business Automation Workflow 24.0.0
IBM / Business Automation Workflow
|
cpe:/a:ibm:business_automation_workflow:24.0.0
|
24.0.0 | |
|
IBM WebSphere Service Registry and Repository
IBM
|
cpe:/a:ibm:websphere_service_registry_and_repository:-
|
— | |
|
IBM Tivoli Network Manager
IBM
|
cpe:/a:ibm:tivoli_network_manager:-
|
— | |
|
IBM WebSphere Application Server <9.0.5.26 PH69757
IBM / WebSphere Application Server
|
<9.0.5.26 PH69757 | ||
|
IBM Business Automation Workflow 25.0.1
IBM / Business Automation Workflow
|
cpe:/a:ibm:business_automation_workflow:25.0.1
|
25.0.1 | |
|
IBM Business Automation Workflow 25.0.0
IBM / Business Automation Workflow
|
cpe:/a:ibm:business_automation_workflow:25.0.0
|
25.0.0 | |
|
IBM Business Automation Workflow 24.0.1
IBM / Business Automation Workflow
|
cpe:/a:ibm:business_automation_workflow:24.0.1
|
24.0.1 | |
|
IBM Tivoli Monitoring 6.3.0.7
IBM / Tivoli Monitoring
|
cpe:/a:ibm:tivoli_monitoring:6.3.0.7
|
6.3.0.7 | |
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM Operational Decision Manager 8.11.0.1
IBM / Operational Decision Manager
|
cpe:/a:ibm:operational_decision_manager:8.11.0.1
|
8.11.0.1 | |
|
IBM Operational Decision Manager 8.12.0.1
IBM / Operational Decision Manager
|
cpe:/a:ibm:operational_decision_manager:8.12.0.1
|
8.12.0.1 |
References
11 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM WebSphere Application Server ist ein J2EE-Applikationsserver.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in IBM WebSphere Application Server und WebSphere Application Server Liberty ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0517 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0517.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0517 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0517"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7261794 vom 2026-02-25",
"url": "https://www.ibm.com/support/pages/node/7261794"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7261927 vom 2026-02-26",
"url": "https://www.ibm.com/support/pages/node/7261927"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7263094 vom 2026-03-10",
"url": "https://www.ibm.com/support/pages/node/7263094"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7263211 vom 2026-03-11",
"url": "https://www.ibm.com/support/pages/node/7263211"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7269254 vom 2026-04-13",
"url": "https://www.ibm.com/support/pages/node/7269254"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7270273 vom 2026-04-21",
"url": "https://www.ibm.com/support/pages/node/7270273"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7271937 vom 2026-05-07",
"url": "https://www.ibm.com/support/pages/node/7271937"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7272823 vom 2026-05-13",
"url": "https://www.ibm.com/support/pages/node/7272823"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7274314 vom 2026-05-28",
"url": "https://www.ibm.com/support/pages/node/7274314"
}
],
"source_lang": "en-US",
"title": "IBM WebSphere Application Server und WebSphere Application Server Liberty: Schwachstelle erm\u00f6glicht Denial of Service",
"tracking": {
"current_release_date": "2026-05-28T22:00:00.000+00:00",
"generator": {
"date": "2026-05-29T07:40:41.810+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-0517",
"initial_release_date": "2026-02-25T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-02-25T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-03-10T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-03-11T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-04-12T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-04-20T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-05-07T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-05-14T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-05-28T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "8"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "24.0.0",
"product": {
"name": "IBM Business Automation Workflow 24.0.0",
"product_id": "T036570",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:24.0.0"
}
}
},
{
"category": "product_version",
"name": "24.0.1",
"product": {
"name": "IBM Business Automation Workflow 24.0.1",
"product_id": "T049760",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:24.0.1"
}
}
},
{
"category": "product_version",
"name": "25.0.0",
"product": {
"name": "IBM Business Automation Workflow 25.0.0",
"product_id": "T049761",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:25.0.0"
}
}
},
{
"category": "product_version",
"name": "25.0.1",
"product": {
"name": "IBM Business Automation Workflow 25.0.1",
"product_id": "T049762",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:25.0.1"
}
}
}
],
"category": "product_name",
"name": "Business Automation Workflow"
},
{
"category": "product_name",
"name": "IBM MQ",
"product": {
"name": "IBM MQ",
"product_id": "T021398",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "8.11.1.0",
"product": {
"name": "IBM Operational Decision Manager 8.11.1.0",
"product_id": "06578EE6-A586-4789-BE88-3E269B0868D5",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:operational_decision_manager:8.11.1.0"
}
}
},
{
"category": "product_version",
"name": "9.0.0.1",
"product": {
"name": "IBM Operational Decision Manager 9.0.0.1",
"product_id": "07A5E294-8A94-42D5-B418-207BAE046F8E",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:operational_decision_manager:9.0.0.1"
}
}
},
{
"category": "product_version",
"name": "8.11.0.1",
"product": {
"name": "IBM Operational Decision Manager 8.11.0.1",
"product_id": "1587022",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:operational_decision_manager:8.11.0.1"
}
}
},
{
"category": "product_version",
"name": "8.12.0.1",
"product": {
"name": "IBM Operational Decision Manager 8.12.0.1",
"product_id": "1587024",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:operational_decision_manager:8.12.0.1"
}
}
},
{
"category": "product_version",
"name": "9.5.0.1",
"product": {
"name": "IBM Operational Decision Manager 9.5.0.1",
"product_id": "T050692",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:operational_decision_manager:9.5.0.1"
}
}
}
],
"category": "product_name",
"name": "Operational Decision Manager"
},
{
"branches": [
{
"category": "product_version",
"name": "9.1-9.1.0.9",
"product": {
"name": "IBM Rational ClearQuest 9.1-9.1.0.9",
"product_id": "T051277",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_clearquest:9.1_-_9.1.0.9"
}
}
},
{
"category": "product_version",
"name": "10.0-10.0.8",
"product": {
"name": "IBM Rational ClearQuest 10.0-10.0.8",
"product_id": "T051278",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_clearquest:10.0_-_10.0.8"
}
}
}
],
"category": "product_name",
"name": "Rational ClearQuest"
},
{
"branches": [
{
"category": "product_version",
"name": "Multiplatforms",
"product": {
"name": "IBM TXSeries Multiplatforms",
"product_id": "T045090",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:txseries:multiplatforms"
}
}
}
],
"category": "product_name",
"name": "TXSeries"
},
{
"branches": [
{
"category": "product_version",
"name": "6.3.0.7",
"product": {
"name": "IBM Tivoli Monitoring 6.3.0.7",
"product_id": "342008",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_monitoring:6.3.0.7"
}
}
}
],
"category": "product_name",
"name": "Tivoli Monitoring"
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager",
"product": {
"name": "IBM Tivoli Network Manager",
"product_id": "T046989",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.0.5.26 PH69757",
"product": {
"name": "IBM WebSphere Application Server \u003c9.0.5.26 PH69757",
"product_id": "T051209"
}
},
{
"category": "product_version",
"name": "9.0.5.26 PH69757",
"product": {
"name": "IBM WebSphere Application Server 9.0.5.26 PH69757",
"product_id": "T051209-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_application_server:9.0.5.26_ph69757"
}
}
},
{
"category": "product_version_range",
"name": "Liberty \u003c26.0.0.2 PH69729",
"product": {
"name": "IBM WebSphere Application Server Liberty \u003c26.0.0.2 PH69729",
"product_id": "T051211"
}
},
{
"category": "product_version",
"name": "Liberty 26.0.0.2 PH69729",
"product": {
"name": "IBM WebSphere Application Server Liberty 26.0.0.2 PH69729",
"product_id": "T051211-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_application_server:liberty__26.0.0.2_ph69729"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.5.5.29 PH69757",
"product": {
"name": "IBM WebSphere Application Server \u003c8.5.5.29 PH69757",
"product_id": "T051212"
}
},
{
"category": "product_version",
"name": "8.5.5.29 PH69757",
"product": {
"name": "IBM WebSphere Application Server 8.5.5.29 PH69757",
"product_id": "T051212-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_application_server:8.5.5.29_ph69757"
}
}
}
],
"category": "product_name",
"name": "WebSphere Application Server"
},
{
"category": "product_name",
"name": "IBM WebSphere Service Registry and Repository",
"product": {
"name": "IBM WebSphere Service Registry and Repository",
"product_id": "T048917",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_service_registry_and_repository:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29371",
"product_status": {
"known_affected": [
"06578EE6-A586-4789-BE88-3E269B0868D5",
"T045090",
"07A5E294-8A94-42D5-B418-207BAE046F8E",
"T050692",
"T051278",
"T051212",
"T051277",
"T051211",
"T036570",
"T048917",
"T046989",
"T051209",
"T049762",
"T049761",
"T049760",
"342008",
"T021398",
"1587022",
"1587024"
]
},
"release_date": "2026-02-25T23:00:00.000+00:00",
"title": "CVE-2024-29371"
}
]
}
WID-SEC-W-2026-1210
Vulnerability from csaf_certbund - Published: 2026-04-21 22:00 - Updated: 2026-04-21 22:00Summary
Oracle Siebel CRM: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Siebel CRM ist eine CRM-Lösung von Oracle.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Siebel CRM ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=26.1
Oracle / Siebel CRM
|
<=26.1 | ||
|
Oracle Siebel CRM <=26.2
Oracle / Siebel CRM
|
<=26.2 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=26.1
Oracle / Siebel CRM
|
<=26.1 | ||
|
Oracle Siebel CRM <=26.2
Oracle / Siebel CRM
|
<=26.2 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=26.1
Oracle / Siebel CRM
|
<=26.1 | ||
|
Oracle Siebel CRM <=26.2
Oracle / Siebel CRM
|
<=26.2 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=26.1
Oracle / Siebel CRM
|
<=26.1 | ||
|
Oracle Siebel CRM <=26.2
Oracle / Siebel CRM
|
<=26.2 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=26.1
Oracle / Siebel CRM
|
<=26.1 | ||
|
Oracle Siebel CRM <=26.2
Oracle / Siebel CRM
|
<=26.2 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=26.1
Oracle / Siebel CRM
|
<=26.1 | ||
|
Oracle Siebel CRM <=26.2
Oracle / Siebel CRM
|
<=26.2 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=26.1
Oracle / Siebel CRM
|
<=26.1 | ||
|
Oracle Siebel CRM <=26.2
Oracle / Siebel CRM
|
<=26.2 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=26.1
Oracle / Siebel CRM
|
<=26.1 | ||
|
Oracle Siebel CRM <=26.2
Oracle / Siebel CRM
|
<=26.2 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=26.1
Oracle / Siebel CRM
|
<=26.1 | ||
|
Oracle Siebel CRM <=26.2
Oracle / Siebel CRM
|
<=26.2 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=26.1
Oracle / Siebel CRM
|
<=26.1 | ||
|
Oracle Siebel CRM <=26.2
Oracle / Siebel CRM
|
<=26.2 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=26.1
Oracle / Siebel CRM
|
<=26.1 | ||
|
Oracle Siebel CRM <=26.2
Oracle / Siebel CRM
|
<=26.2 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=26.1
Oracle / Siebel CRM
|
<=26.1 | ||
|
Oracle Siebel CRM <=26.2
Oracle / Siebel CRM
|
<=26.2 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=26.1
Oracle / Siebel CRM
|
<=26.1 | ||
|
Oracle Siebel CRM <=26.2
Oracle / Siebel CRM
|
<=26.2 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Siebel CRM ist eine CRM-L\u00f6sung von Oracle.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Siebel CRM ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1210 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1210.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1210 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1210"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2026 - Appendix Oracle Siebel CRM vom 2026-04-21",
"url": "https://www.oracle.com/security-alerts/cpuapr2026.html#AppendixSECR"
}
],
"source_lang": "en-US",
"title": "Oracle Siebel CRM: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-04-21T22:00:00.000+00:00",
"generator": {
"date": "2026-04-22T09:04:47.548+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-1210",
"initial_release_date": "2026-04-21T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-04-21T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=25.11",
"product": {
"name": "Oracle Siebel CRM \u003c=25.11",
"product_id": "T050156"
}
},
{
"category": "product_version_range",
"name": "\u003c=25.11",
"product": {
"name": "Oracle Siebel CRM \u003c=25.11",
"product_id": "T050156-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=26.2",
"product": {
"name": "Oracle Siebel CRM \u003c=26.2",
"product_id": "T053115"
}
},
{
"category": "product_version_range",
"name": "\u003c=26.2",
"product": {
"name": "Oracle Siebel CRM \u003c=26.2",
"product_id": "T053115-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=26.1",
"product": {
"name": "Oracle Siebel CRM \u003c=26.1",
"product_id": "T053116"
}
},
{
"category": "product_version_range",
"name": "\u003c=26.1",
"product": {
"name": "Oracle Siebel CRM \u003c=26.1",
"product_id": "T053116-fixed"
}
}
],
"category": "product_name",
"name": "Siebel CRM"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-45688",
"product_status": {
"last_affected": [
"T053116",
"T053115",
"T050156"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2022-45688"
},
{
"cve": "CVE-2023-1436",
"product_status": {
"last_affected": [
"T053116",
"T053115",
"T050156"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2023-1436"
},
{
"cve": "CVE-2023-26464",
"product_status": {
"last_affected": [
"T053116",
"T053115",
"T050156"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2023-26464"
},
{
"cve": "CVE-2024-29371",
"product_status": {
"last_affected": [
"T053116",
"T053115",
"T050156"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2024-29371"
},
{
"cve": "CVE-2024-36124",
"product_status": {
"last_affected": [
"T053116",
"T053115",
"T050156"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2024-36124"
},
{
"cve": "CVE-2025-13601",
"product_status": {
"last_affected": [
"T053116",
"T053115",
"T050156"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2025-13601"
},
{
"cve": "CVE-2025-27817",
"product_status": {
"last_affected": [
"T053116",
"T053115",
"T050156"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2025-27817"
},
{
"cve": "CVE-2025-48924",
"product_status": {
"last_affected": [
"T053116",
"T053115",
"T050156"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2025-48924"
},
{
"cve": "CVE-2025-58057",
"product_status": {
"last_affected": [
"T053116",
"T053115",
"T050156"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2025-58057"
},
{
"cve": "CVE-2025-68161",
"product_status": {
"last_affected": [
"T053116",
"T053115",
"T050156"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2025-68161"
},
{
"cve": "CVE-2025-69223",
"product_status": {
"last_affected": [
"T053116",
"T053115",
"T050156"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2025-69223"
},
{
"cve": "CVE-2025-7962",
"product_status": {
"last_affected": [
"T053116",
"T053115",
"T050156"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2025-7962"
},
{
"cve": "CVE-2025-8869",
"product_status": {
"last_affected": [
"T053116",
"T053115",
"T050156"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2025-8869"
}
]
}
WID-SEC-W-2026-1229
Vulnerability from csaf_certbund - Published: 2026-04-21 22:00 - Updated: 2026-05-25 22:00Summary
Atlassian Bamboo, Bitbucket, Confluence, Jira: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Bamboo ist ein Werkzeug zur kontinuierlichen Integration und Bereitstellung, das automatisierte Builds, Tests und Freigaben in einem einzigen Arbeitsablauf verbindet.
Bitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle.
Confluence ist eine kommerzielle Wiki-Software.
Jira ist eine Webanwendung zur Softwareentwicklung.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Atlassian Bamboo, Atlassian Bitbucket, Atlassian Confluence und Atlassian Jira ausnutzen, um beliebigen Programmcode auszuführen, Sicherheitsmaßnahmen zu umgehen, Daten zu manipulieren oder offenzulegen oder Cross-Site-Scripting-Angriffe durchzuführen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
- Windows
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
References
15 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Bamboo ist ein Werkzeug zur kontinuierlichen Integration und Bereitstellung, das automatisierte Builds, Tests und Freigaben in einem einzigen Arbeitsablauf verbindet.\r\nBitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle.\r\nConfluence ist eine kommerzielle Wiki-Software.\r\nJira ist eine Webanwendung zur Softwareentwicklung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Atlassian Bamboo, Atlassian Bitbucket, Atlassian Confluence und Atlassian Jira ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, Daten zu manipulieren oder offenzulegen oder Cross-Site-Scripting-Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1229 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1229.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1229 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1229"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - April 21 2026 vom 2026-04-21",
"url": "https://confluence.atlassian.com/security/security-bulletin-april-21-2026-1770913890.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:10209 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:10209"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:10205 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:10205"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:10215 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:10215"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:10206 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:10206"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:10204 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:10204"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:10211 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:10211"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:10214 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:10214"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:10213 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:10213"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:10201 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:10201"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:11070 vom 2026-04-28",
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7271910 vom 2026-05-06",
"url": "https://www.ibm.com/support/pages/node/7271910"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:20034 vom 2026-05-26",
"url": "https://access.redhat.com/errata/RHSA-2026:20034"
}
],
"source_lang": "en-US",
"title": "Atlassian Bamboo, Bitbucket, Confluence, Jira: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-25T22:00:00.000+00:00",
"generator": {
"date": "2026-05-26T12:16:36.572+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1229",
"initial_release_date": "2026-04-21T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-04-21T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-04-23T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-04-27T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-05-06T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-05-25T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.1.6",
"product": {
"name": "Atlassian Bamboo \u003c12.1.6",
"product_id": "T053202"
}
},
{
"category": "product_version",
"name": "12.1.6",
"product": {
"name": "Atlassian Bamboo 12.1.6",
"product_id": "T053202-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:12.1.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.18",
"product": {
"name": "Atlassian Bamboo \u003c10.2.18",
"product_id": "T053203"
}
},
{
"category": "product_version",
"name": "10.2.18",
"product": {
"name": "Atlassian Bamboo 10.2.18",
"product_id": "T053203-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:10.2.18"
}
}
}
],
"category": "product_name",
"name": "Bamboo"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.2.2",
"product": {
"name": "Atlassian Bitbucket \u003c10.2.2",
"product_id": "T053207"
}
},
{
"category": "product_version",
"name": "10.2.2",
"product": {
"name": "Atlassian Bitbucket 10.2.2",
"product_id": "T053207-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:10.2.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.19",
"product": {
"name": "Atlassian Bitbucket \u003c9.4.19",
"product_id": "T053209"
}
},
{
"category": "product_version",
"name": "9.4.19",
"product": {
"name": "Atlassian Bitbucket 9.4.19",
"product_id": "T053209-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:9.4.19"
}
}
}
],
"category": "product_name",
"name": "Bitbucket"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.2.10",
"product": {
"name": "Atlassian Confluence \u003c10.2.10",
"product_id": "T053211"
}
},
{
"category": "product_version",
"name": "10.2.10",
"product": {
"name": "Atlassian Confluence 10.2.10",
"product_id": "T053211-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:10.2.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.19",
"product": {
"name": "Atlassian Confluence \u003c9.2.19",
"product_id": "T053213"
}
},
{
"category": "product_version",
"name": "9.2.19",
"product": {
"name": "Atlassian Confluence 9.2.19",
"product_id": "T053213-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:9.2.19"
}
}
}
],
"category": "product_name",
"name": "Confluence"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c11.3.4",
"product": {
"name": "Atlassian Jira \u003c11.3.4",
"product_id": "T053215"
}
},
{
"category": "product_version",
"name": "11.3.4",
"product": {
"name": "Atlassian Jira 11.3.4",
"product_id": "T053215-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:11.3.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.3.19",
"product": {
"name": "Atlassian Jira \u003c10.3.19",
"product_id": "T053216"
}
},
{
"category": "product_version",
"name": "10.3.19",
"product": {
"name": "Atlassian Jira 10.3.19",
"product_id": "T053216-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:10.3.19"
}
}
},
{
"category": "product_version_range",
"name": "Service Management \u003c11.3.4",
"product": {
"name": "Atlassian Jira Service Management \u003c11.3.4",
"product_id": "T053218"
}
},
{
"category": "product_version",
"name": "Service Management 11.3.4",
"product": {
"name": "Atlassian Jira Service Management 11.3.4",
"product_id": "T053218-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:service_management__11.3.4"
}
}
},
{
"category": "product_version_range",
"name": "Service Management \u003c10.3.19",
"product": {
"name": "Atlassian Jira Service Management \u003c10.3.19",
"product_id": "T053221"
}
},
{
"category": "product_version",
"name": "Service Management 10.3.19",
"product": {
"name": "Atlassian Jira Service Management 10.3.19",
"product_id": "T053221-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:service_management__10.3.19"
}
}
}
],
"category": "product_name",
"name": "Jira"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T052517",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Container Platform release 4.21.17",
"product": {
"name": "Red Hat OpenShift Container Platform release 4.21.17",
"product_id": "T054688",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_release_4.21.17"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-0341",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2021-0341"
},
{
"cve": "CVE-2021-31597",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2021-31597"
},
{
"cve": "CVE-2022-1471",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2022-1471"
},
{
"cve": "CVE-2022-25927",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2022-25927"
},
{
"cve": "CVE-2023-1370",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2023-1370"
},
{
"cve": "CVE-2023-3635",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2023-3635"
},
{
"cve": "CVE-2023-48631",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2023-48631"
},
{
"cve": "CVE-2024-29371",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2024-29371"
},
{
"cve": "CVE-2024-45801",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2024-45801"
},
{
"cve": "CVE-2024-47875",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2024-47875"
},
{
"cve": "CVE-2025-48734",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2025-48734"
},
{
"cve": "CVE-2025-66020",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2025-66020"
},
{
"cve": "CVE-2026-21571",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-21571"
},
{
"cve": "CVE-2026-22029",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-22029"
},
{
"cve": "CVE-2026-23745",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-23745"
},
{
"cve": "CVE-2026-23950",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-23950"
},
{
"cve": "CVE-2026-24734",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-24734"
},
{
"cve": "CVE-2026-24842",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-24842"
},
{
"cve": "CVE-2026-24880",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-24880"
},
{
"cve": "CVE-2026-25547",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-25547"
},
{
"cve": "CVE-2026-25639",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-25639"
},
{
"cve": "CVE-2026-26960",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-26960"
},
{
"cve": "CVE-2026-29063",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-29063"
},
{
"cve": "CVE-2026-31802",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-31802"
},
{
"cve": "CVE-2026-33870",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-33870"
},
{
"cve": "CVE-2026-33871",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-33871"
},
{
"cve": "CVE-2026-34487",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-34487"
}
]
}
WID-SEC-W-2026-1687
Vulnerability from csaf_certbund - Published: 2026-05-26 22:00 - Updated: 2026-05-26 22:00Summary
IBM License Metric Tool: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Das IBM License Metric Tool dient der Lizenzverwaltung für IBM Produkte.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM License Metric Tool ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Das IBM License Metric Tool dient der Lizenzverwaltung f\u00fcr IBM Produkte.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM License Metric Tool ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1687 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1687.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1687 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1687"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7273983 vom 2026-05-26",
"url": "https://www.ibm.com/support/pages/node/7273983"
}
],
"source_lang": "en-US",
"title": "IBM License Metric Tool: Mehrere Schwachstellen erm\u00f6glichen nicht spezifizierten Angriff",
"tracking": {
"current_release_date": "2026-05-26T22:00:00.000+00:00",
"generator": {
"date": "2026-05-27T11:20:42.217+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1687",
"initial_release_date": "2026-05-26T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-05-26T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9.2",
"product": {
"name": "IBM License Metric Tool 9.2",
"product_id": "T031605",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:license_metric_tool:9.2"
}
}
}
],
"category": "product_name",
"name": "License Metric Tool"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-26141",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2024-26141"
},
{
"cve": "CVE-2024-29371",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2024-29371"
},
{
"cve": "CVE-2024-34459",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2024-34459"
},
{
"cve": "CVE-2025-14917",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2025-14917"
},
{
"cve": "CVE-2025-14923",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2025-14923"
},
{
"cve": "CVE-2025-62718",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2025-62718"
},
{
"cve": "CVE-2025-6490",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2025-6490"
},
{
"cve": "CVE-2026-0636",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-0636"
},
{
"cve": "CVE-2026-1561",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-1561"
},
{
"cve": "CVE-2026-22007",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-22007"
},
{
"cve": "CVE-2026-22008",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-22008"
},
{
"cve": "CVE-2026-22013",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-22013"
},
{
"cve": "CVE-2026-22016",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-22016"
},
{
"cve": "CVE-2026-22018",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-22018"
},
{
"cve": "CVE-2026-22021",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-22021"
},
{
"cve": "CVE-2026-23865",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-23865"
},
{
"cve": "CVE-2026-23907",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-23907"
},
{
"cve": "CVE-2026-26961",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-26961"
},
{
"cve": "CVE-2026-33168",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-33168"
},
{
"cve": "CVE-2026-33169",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-33169"
},
{
"cve": "CVE-2026-33170",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-33170"
},
{
"cve": "CVE-2026-33173",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-33173"
},
{
"cve": "CVE-2026-33174",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-33174"
},
{
"cve": "CVE-2026-33176",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-33176"
},
{
"cve": "CVE-2026-33195",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-33195"
},
{
"cve": "CVE-2026-33202",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-33202"
},
{
"cve": "CVE-2026-33929",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-33929"
},
{
"cve": "CVE-2026-34230",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-34230"
},
{
"cve": "CVE-2026-34268",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-34268"
},
{
"cve": "CVE-2026-34282",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-34282"
},
{
"cve": "CVE-2026-34763",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-34763"
},
{
"cve": "CVE-2026-34785",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-34785"
},
{
"cve": "CVE-2026-34786",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-34786"
},
{
"cve": "CVE-2026-34826",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-34826"
},
{
"cve": "CVE-2026-34829",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-34829"
},
{
"cve": "CVE-2026-34830",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-34830"
},
{
"cve": "CVE-2026-34831",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-34831"
},
{
"cve": "CVE-2026-35611",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-35611"
},
{
"cve": "CVE-2026-42033",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-42033"
},
{
"cve": "CVE-2026-42034",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-42034"
},
{
"cve": "CVE-2026-42035",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-42035"
},
{
"cve": "CVE-2026-42036",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-42036"
},
{
"cve": "CVE-2026-42037",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-42037"
},
{
"cve": "CVE-2026-42038",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-42038"
},
{
"cve": "CVE-2026-42039",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-42039"
},
{
"cve": "CVE-2026-42040",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-42040"
},
{
"cve": "CVE-2026-42041",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-42041"
},
{
"cve": "CVE-2026-42042",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-42042"
},
{
"cve": "CVE-2026-42043",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-42043"
},
{
"cve": "CVE-2026-42044",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-42044"
},
{
"cve": "CVE-2026-42264",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-42264"
},
{
"cve": "CVE-2026-5588",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-5588"
},
{
"cve": "CVE-2026-6918",
"product_status": {
"known_affected": [
"T031605"
]
},
"release_date": "2026-05-26T22:00:00.000+00:00",
"title": "CVE-2026-6918"
}
]
}
WID-SEC-W-2026-1752
Vulnerability from csaf_certbund - Published: 2026-05-31 22:00 - Updated: 2026-05-31 22:00Summary
IBM Business Automation Workflow: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: IBM Business Automation Workflow ist eine Lösung zur Automatisierung von Arbeitsabläufen.
Angriff: Ein Angreifer kann mehrere Schwachstellen in IBM Business Automation Workflow ausnutzen, um Sicherheitsvorkehrungen zu umgehen, um einen Denial of Service Angriff durchzuführen, um Informationen offenzulegen, um Dateien zu manipulieren, und um einen Cross-Site Scripting Angriff durchzuführen.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Business Automation Workflow <24.0.0-IF009
IBM / Business Automation Workflow
|
<24.0.0-IF009 | ||
|
IBM Business Automation Workflow <24.0.1-IF007
IBM / Business Automation Workflow
|
<24.0.1-IF007 | ||
|
IBM Business Automation Workflow <25.0.0-IF005
IBM / Business Automation Workflow
|
<25.0.0-IF005 | ||
|
IBM Business Automation Workflow <25.0.1-IF001
IBM / Business Automation Workflow
|
<25.0.1-IF001 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Business Automation Workflow <24.0.0-IF009
IBM / Business Automation Workflow
|
<24.0.0-IF009 | ||
|
IBM Business Automation Workflow <24.0.1-IF007
IBM / Business Automation Workflow
|
<24.0.1-IF007 | ||
|
IBM Business Automation Workflow <25.0.0-IF005
IBM / Business Automation Workflow
|
<25.0.0-IF005 | ||
|
IBM Business Automation Workflow <25.0.1-IF001
IBM / Business Automation Workflow
|
<25.0.1-IF001 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Business Automation Workflow <24.0.0-IF009
IBM / Business Automation Workflow
|
<24.0.0-IF009 | ||
|
IBM Business Automation Workflow <24.0.1-IF007
IBM / Business Automation Workflow
|
<24.0.1-IF007 | ||
|
IBM Business Automation Workflow <25.0.0-IF005
IBM / Business Automation Workflow
|
<25.0.0-IF005 | ||
|
IBM Business Automation Workflow <25.0.1-IF001
IBM / Business Automation Workflow
|
<25.0.1-IF001 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Business Automation Workflow <24.0.0-IF009
IBM / Business Automation Workflow
|
<24.0.0-IF009 | ||
|
IBM Business Automation Workflow <24.0.1-IF007
IBM / Business Automation Workflow
|
<24.0.1-IF007 | ||
|
IBM Business Automation Workflow <25.0.0-IF005
IBM / Business Automation Workflow
|
<25.0.0-IF005 | ||
|
IBM Business Automation Workflow <25.0.1-IF001
IBM / Business Automation Workflow
|
<25.0.1-IF001 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Business Automation Workflow <24.0.0-IF009
IBM / Business Automation Workflow
|
<24.0.0-IF009 | ||
|
IBM Business Automation Workflow <24.0.1-IF007
IBM / Business Automation Workflow
|
<24.0.1-IF007 | ||
|
IBM Business Automation Workflow <25.0.0-IF005
IBM / Business Automation Workflow
|
<25.0.0-IF005 | ||
|
IBM Business Automation Workflow <25.0.1-IF001
IBM / Business Automation Workflow
|
<25.0.1-IF001 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Business Automation Workflow <24.0.0-IF009
IBM / Business Automation Workflow
|
<24.0.0-IF009 | ||
|
IBM Business Automation Workflow <24.0.1-IF007
IBM / Business Automation Workflow
|
<24.0.1-IF007 | ||
|
IBM Business Automation Workflow <25.0.0-IF005
IBM / Business Automation Workflow
|
<25.0.0-IF005 | ||
|
IBM Business Automation Workflow <25.0.1-IF001
IBM / Business Automation Workflow
|
<25.0.1-IF001 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Business Automation Workflow <24.0.0-IF009
IBM / Business Automation Workflow
|
<24.0.0-IF009 | ||
|
IBM Business Automation Workflow <24.0.1-IF007
IBM / Business Automation Workflow
|
<24.0.1-IF007 | ||
|
IBM Business Automation Workflow <25.0.0-IF005
IBM / Business Automation Workflow
|
<25.0.0-IF005 | ||
|
IBM Business Automation Workflow <25.0.1-IF001
IBM / Business Automation Workflow
|
<25.0.1-IF001 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Business Automation Workflow <24.0.0-IF009
IBM / Business Automation Workflow
|
<24.0.0-IF009 | ||
|
IBM Business Automation Workflow <24.0.1-IF007
IBM / Business Automation Workflow
|
<24.0.1-IF007 | ||
|
IBM Business Automation Workflow <25.0.0-IF005
IBM / Business Automation Workflow
|
<25.0.0-IF005 | ||
|
IBM Business Automation Workflow <25.0.1-IF001
IBM / Business Automation Workflow
|
<25.0.1-IF001 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Business Automation Workflow <24.0.0-IF009
IBM / Business Automation Workflow
|
<24.0.0-IF009 | ||
|
IBM Business Automation Workflow <24.0.1-IF007
IBM / Business Automation Workflow
|
<24.0.1-IF007 | ||
|
IBM Business Automation Workflow <25.0.0-IF005
IBM / Business Automation Workflow
|
<25.0.0-IF005 | ||
|
IBM Business Automation Workflow <25.0.1-IF001
IBM / Business Automation Workflow
|
<25.0.1-IF001 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Business Automation Workflow <24.0.0-IF009
IBM / Business Automation Workflow
|
<24.0.0-IF009 | ||
|
IBM Business Automation Workflow <24.0.1-IF007
IBM / Business Automation Workflow
|
<24.0.1-IF007 | ||
|
IBM Business Automation Workflow <25.0.0-IF005
IBM / Business Automation Workflow
|
<25.0.0-IF005 | ||
|
IBM Business Automation Workflow <25.0.1-IF001
IBM / Business Automation Workflow
|
<25.0.1-IF001 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM Business Automation Workflow ist eine L\u00f6sung zur Automatisierung von Arbeitsabl\u00e4ufen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in IBM Business Automation Workflow ausnutzen, um Sicherheitsvorkehrungen zu umgehen, um einen Denial of Service Angriff durchzuf\u00fchren, um Informationen offenzulegen, um Dateien zu manipulieren, und um einen Cross-Site Scripting Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1752 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1752.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1752 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1752"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7274511 vom 2026-05-31",
"url": "https://www.ibm.com/support/pages/node/7274511"
}
],
"source_lang": "en-US",
"title": "IBM Business Automation Workflow: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-31T22:00:00.000+00:00",
"generator": {
"date": "2026-06-01T10:32:25.918+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1752",
"initial_release_date": "2026-05-31T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-05-31T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c25.0.1-IF001",
"product": {
"name": "IBM Business Automation Workflow \u003c25.0.1-IF001",
"product_id": "T054911"
}
},
{
"category": "product_version",
"name": "25.0.1-IF001",
"product": {
"name": "IBM Business Automation Workflow 25.0.1-IF001",
"product_id": "T054911-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:25.0.1-if001"
}
}
},
{
"category": "product_version_range",
"name": "\u003c25.0.0-IF005",
"product": {
"name": "IBM Business Automation Workflow \u003c25.0.0-IF005",
"product_id": "T054912"
}
},
{
"category": "product_version",
"name": "25.0.0-IF005",
"product": {
"name": "IBM Business Automation Workflow 25.0.0-IF005",
"product_id": "T054912-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:25.0.0-if005"
}
}
},
{
"category": "product_version_range",
"name": "\u003c24.0.1-IF007",
"product": {
"name": "IBM Business Automation Workflow \u003c24.0.1-IF007",
"product_id": "T054913"
}
},
{
"category": "product_version",
"name": "24.0.1-IF007",
"product": {
"name": "IBM Business Automation Workflow 24.0.1-IF007",
"product_id": "T054913-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:24.0.1-if007"
}
}
},
{
"category": "product_version_range",
"name": "\u003c24.0.0-IF009",
"product": {
"name": "IBM Business Automation Workflow \u003c24.0.0-IF009",
"product_id": "T054914"
}
},
{
"category": "product_version",
"name": "24.0.0-IF009",
"product": {
"name": "IBM Business Automation Workflow 24.0.0-IF009",
"product_id": "T054914-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:24.0.0-if009"
}
}
}
],
"category": "product_name",
"name": "Business Automation Workflow"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2011-4969",
"product_status": {
"known_affected": [
"T054914",
"T054913",
"T054912",
"T054911"
]
},
"release_date": "2026-05-31T22:00:00.000+00:00",
"title": "CVE-2011-4969"
},
{
"cve": "CVE-2012-6708",
"product_status": {
"known_affected": [
"T054914",
"T054913",
"T054912",
"T054911"
]
},
"release_date": "2026-05-31T22:00:00.000+00:00",
"title": "CVE-2012-6708"
},
{
"cve": "CVE-2015-9251",
"product_status": {
"known_affected": [
"T054914",
"T054913",
"T054912",
"T054911"
]
},
"release_date": "2026-05-31T22:00:00.000+00:00",
"title": "CVE-2015-9251"
},
{
"cve": "CVE-2019-11358",
"product_status": {
"known_affected": [
"T054914",
"T054913",
"T054912",
"T054911"
]
},
"release_date": "2026-05-31T22:00:00.000+00:00",
"title": "CVE-2019-11358"
},
{
"cve": "CVE-2020-7656",
"product_status": {
"known_affected": [
"T054914",
"T054913",
"T054912",
"T054911"
]
},
"release_date": "2026-05-31T22:00:00.000+00:00",
"title": "CVE-2020-7656"
},
{
"cve": "CVE-2024-29371",
"product_status": {
"known_affected": [
"T054914",
"T054913",
"T054912",
"T054911"
]
},
"release_date": "2026-05-31T22:00:00.000+00:00",
"title": "CVE-2024-29371"
},
{
"cve": "CVE-2025-12183",
"product_status": {
"known_affected": [
"T054914",
"T054913",
"T054912",
"T054911"
]
},
"release_date": "2026-05-31T22:00:00.000+00:00",
"title": "CVE-2025-12183"
},
{
"cve": "CVE-2025-14923",
"product_status": {
"known_affected": [
"T054914",
"T054913",
"T054912",
"T054911"
]
},
"release_date": "2026-05-31T22:00:00.000+00:00",
"title": "CVE-2025-14923"
},
{
"cve": "CVE-2025-66566",
"product_status": {
"known_affected": [
"T054914",
"T054913",
"T054912",
"T054911"
]
},
"release_date": "2026-05-31T22:00:00.000+00:00",
"title": "CVE-2025-66566"
},
{
"cve": "CVE-2026-33186",
"product_status": {
"known_affected": [
"T054914",
"T054913",
"T054912",
"T054911"
]
},
"release_date": "2026-05-31T22:00:00.000+00:00",
"title": "CVE-2026-33186"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…