Netcool Operations Insight - Cloud Native Event Analytics has addressed the following vulnerability in FasterXML jackson-databind
CVEID:CVE-2019-14439
**DESCRIPTION:**A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/164744 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
Netcool Operations Insight - Cloud Native Event Analytics | 1.6.0 |
Upgrade Operations Insight to 1.6.0.1
None
CPE | Name | Operator | Version |
---|---|---|---|
netcool operations insight | eq | 1.6.0 |