Ibm

Smartcloud Analytics Log Analysis

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2024-41750

  • EPSS 0.02%
  • Veröffentlicht 23.07.2025 11:15:12
  • Zuletzt bearbeitet 06.08.2025 19:48:43

IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local, authenticated attacker to bypass client-side enforcement of security to manipulate data.

5.5

CVE-2024-40682

  • EPSS 0.03%
  • Veröffentlicht 23.07.2025 11:14:18
  • Zuletzt bearbeitet 06.08.2025 19:45:24

IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local user to cause a denial of service due to improper validation of specified type of input.

6.1

CVE-2024-40686

  • EPSS 0.04%
  • Veröffentlicht 23.07.2025 11:12:23
  • Zuletzt bearbeitet 06.08.2025 19:47:56

IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attac...

5.5

CVE-2024-41751

  • EPSS 0.02%
  • Veröffentlicht 23.07.2025 11:09:44
  • Zuletzt bearbeitet 06.08.2025 19:49:22

IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local, authenticated attacker to bypass client-side enforcement of security to manipulate data.

9.1

CVE-2019-4244

  • EPSS 0.67%
  • Veröffentlicht 10.12.2019 16:15:13
  • Zuletzt bearbeitet 21.11.2024 04:43:22

IBM SmartCloud Analytics 1.3.1 through 1.3.5 could allow a remote attacker to gain unauthorized information and unrestricted control over Zookeeper installations due to missing authentication. IBM X-Force ID: 159518.

4.3

CVE-2019-4214

  • EPSS 0.15%
  • Veröffentlicht 22.11.2019 16:15:12
  • Zuletzt bearbeitet 21.11.2024 04:43:19

IBM SmartCloud Analytics 1.3.1 through 1.3.5 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 159185.

6.1

CVE-2019-4215

  • EPSS 0.29%
  • Veröffentlicht 22.11.2019 16:15:12
  • Zuletzt bearbeitet 21.11.2024 04:43:19

IBM SmartCloud Analytics 1.3.1 through 1.3.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's cl...

4.9

CVE-2019-4216

  • EPSS 0.09%
  • Veröffentlicht 22.11.2019 16:15:12
  • Zuletzt bearbeitet 21.11.2024 04:43:19

IBM SmartCloud Analytics 1.3.1 through 1.3.5 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM X-Force ID: 159187.

4.4

CVE-2019-4243

  • EPSS 0.09%
  • Veröffentlicht 22.11.2019 16:15:12
  • Zuletzt bearbeitet 21.11.2024 04:43:22

IBM SmartCloud Analytics 1.3.1 through 1.3.5 allows unauthorized disclosure of information like accessing solrconfig.xml and could allow an attacker to perform disruptive administrator tasks. IBM X-Force ID: 159517.

4.3

CVE-2013-6738

  • EPSS 0.48%
  • Veröffentlicht 24.04.2014 10:55:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth au...