Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM0625E61A066F5236D2ED1A99CBEAB4AF1495F59F8CF6C258C67ADB539596D42D
HistoryDec 26, 2018 - 7:30 a.m.

Security Bulletin: Denial of Service in Apache CXF used by WebSphere Application Server affect IBM Operations Analytics - Log Analysis (CVE-2017-12624)

2018-12-2607:30:02
www.ibm.com
9

EPSS

0.002

Percentile

58.5%

JSON

Summary

There is a potential denial of service in Apache CXF that is used by WebSphere Application Server.

Vulnerability Details

CVEID: CVE-2017-12624
DESCRIPTION: Apache CXF is vulnerable to a denial of service. By using a specially crafted message attachment header, a remote attacker could exploit this vulnerability to cause the AX-WS and JAX-RS services stop responding.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135095&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

IBM Operations Analytics - Log Analysis version 1.3.5

Remediation/Fixes

Principal Product and Version(s) Fix details
IBM Operations Analytics - Log Analysis version 1.3.5 Security Bulletin: Denial of Service in Apache CXF used by WebSphere Application Server (CVE-2017-12624)

Related

veracode 2
ibm 32
cve 1
nessus 3
prion 1
cvelist 1
osv 2
redhatcve 1
nvd 1
github 1
redhat 4
veracode
veracode
Denial Of Service (DoS)
2017-09-18 05:59:53
Denial Of Service (DoS)
2019-01-15 09:24:37
ibm
ibm
Security Bulletin: A security vulnerability has been identified in Apache CXF, which is shipped with IBM Tivoli Network Manager IP Edition (CVE-2017-12624).
2023-06-28 22:03:05
Security Bulletin: Open Source Apache CXF Vulnerablities affect IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2017-12624)
2018-06-17 15:49:25
Security Bulletin: Security vulnerability in Apache affects IBM InfoSphere Master Data Management (CVE-2017-12624)
2022-04-27 10:23:01
cve
cve
CVE-2017-12624
2017-11-14 16:29:00
nessus
nessus
IBM WebSphere Application Server 9.0.x < 9.0.0.7 DoS (CVE-2017-12624)
2020-10-20 00:00:00
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.1.4 on RHEL7 (RHSA-2018:2424)
2018-08-21 00:00:00
RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.1.4 on RHEL 6 (RHSA-2018:2423)
2018-08-21 00:00:00
prion
prion
Design/Logic Flaw
2017-11-14 16:29:00
cvelist
cvelist
CVE-2017-12624
2017-11-14 16:00:00
osv
osv
CVE-2017-12624
2017-11-14 16:29:00
Improper Input Validation in Apache CXF
2022-05-13 01:09:20
redhatcve
redhatcve
CVE-2017-12624
2019-10-08 11:12:52
nvd
nvd
CVE-2017-12624
2017-11-14 16:29:00
github
github
Improper Input Validation in Apache CXF
2022-05-13 01:09:20
redhat
redhat
(RHSA-2018:2424) Important: Red Hat JBoss Enterprise Application Platform 7.1.4 on RHEL7 security update
2018-08-15 11:19:18
(RHSA-2018:2425) Important: Red Hat JBoss Enterprise Application Platform 7.1 security update
2018-08-15 11:19:19
(RHSA-2018:2423) Important: Red Hat JBoss Enterprise Application Platform 7.1.4 on RHEL 6 security update
2018-08-15 11:19:15

EPSS

0.002

Percentile

58.5%

JSON
Related for 0625E61A066F5236D2ED1A99CBEAB4AF1495F59F8CF6C258C67ADB539596D42D
veracode2ibm32cve1nessus3prion1cvelist1osv2redhatcve1nvd1github1redhat4