Lucene search
IBMB3B45E83BF6B33A0EB69850F973CD378A00F86B0910DCAFB7B4D94EAA2CBF764HistoryApr 16, 2021 - 7:03 a.m.
Security Bulletin: A vulnerability in Apache Solr affects IBM Operations Analytics - Log Analysis Analysis (CVE-2018-10237)
2021-04-1607:03:18
www.ibm.com
42
0.013 Low
EPSS
Percentile
85.7%
Summary
A vulnerability on unbounded memory allocation was addressed by IBM Operations Analytics - Log Analysis.
Vulnerability Details
CVEID:CVE-2018-10237
**DESCRIPTION:**Google Guava is vulnerable to a denial of service, caused by improper eager allocation checks in the AtomicDoubleArray and CompoundOrdering class. By sending a specially-crafted data, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/142508 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| Log Analysis | 1.3.1 |
| Log Analysis | 1.3.2 |
| Log Analysis | 1.3.3 |
| Log Analysis | 1.3.4 |
| Log Analysis | 1.3.5 |
| Log Analysis | 1.3.6 |
Remediation/Fixes
| Principal Product and Version(s) : | Fix details |
|---|---|
| IBM Operations Analytics - Log Analysis version 1.3.x | Upgrade to Log Analysis version 1.3.7 |
| Download the 1.3.7-TIV-IOALA-FP here |
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm smartcloud analytics | eq | 1.3. |
Related
ibm
ibm
veracode
veracode
Denial Of Service (DoS)
2018-04-27 02:51:59
Denial Of Service (DoS)
2019-01-15 09:24:40
osv
osv
CVE-2018-10237
2018-04-26 21:29:00
Denial of Service in Google Guava
2020-06-15 20:35:11
fedora
fedora
[SECURITY] Fedora 28 Update: guava20-20.0-6.fc28
2018-05-14 17:57:51
[SECURITY] Fedora 26 Update: guava-18.0-12.fc26
2018-05-14 18:02:27
[SECURITY] Fedora 28 Update: guava-24.0-3.fc28
2018-05-14 17:57:49
nessus
nessus
RHEL 7 : guava (Unpatched Vulnerability)
2024-06-03 00:00:00
Fedora 26 : guava (2018-db8f322bb0)
2018-05-15 00:00:00
Fedora 28 : guava (2018-54a5bcc7e4)
2019-01-03 00:00:00
github
github
Denial of Service in Google Guava
2020-06-15 20:35:11
debiancve
debiancve
CVE-2018-10237
2018-04-26 21:29:00
openvas
openvas
Fedora Update for guava20 FEDORA-2018-bf292e6cdf
2018-05-16 00:00:00
Fedora Update for guava FEDORA-2018-e4c2507720
2018-05-20 00:00:00
Fedora Update for guava FEDORA-2018-54a5bcc7e4
2018-05-16 00:00:00
cgr
cgr
CVE-2018-10237 vulnerabilities
2024-05-19 03:07:16
nvd
nvd
CVE-2018-10237
2018-04-26 21:29:00
ubuntucve
ubuntucve
CVE-2018-10237
2018-04-26 00:00:00
redhat
redhat
cvelist
cvelist
CVE-2018-10237
2018-04-26 21:00:00
redhatcve
redhatcve
CVE-2018-10237
2021-08-22 12:50:32
wolfi
wolfi
CVE-2018-10237 vulnerabilities
2024-05-29 03:07:31
prion
prion
Design/Logic Flaw
2018-04-26 21:29:00
cve
cve
CVE-2018-10237
2018-04-26 21:29:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2021
2021-01-19 00:00:00
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00
Oracle Critical Patch Update Advisory - July 2020
2020-07-14 00:00:00
0.013 Low
EPSS
Percentile
85.7%
Related for B3B45E83BF6B33A0EB69850F973CD378A00F86B0910DCAFB7B4D94EAA2CBF764