Update now!  Code smuggling possible through gap in OpenSSL

Attackers could tamper with IBM Security Access Manager backend database

Attackers could attack systems with IBM’s access management solution Security Access Manager. Security Guardium Insights data monitoring software could also allow attackers onto computers. Security updates are available for download.

According to a warning message, attackers could use an SQL injection attack to manipulate the backend database. The vulnerability (CVE-2022-24407) has a threat level of “high” Mistake.

Two other vulnerabilities (CVE-2022-25709 “high“, CVE-2022-25710 “high’) relate to the OpenLDAP network protocol. Attackers could launch DoS attacks there. The developers state that the vulnerabilities in IBM Security Access Manager 9.0.7.2-ISS-ISAM-IF0004 to have closed.

IBM Security Guardium Insights is vulnerable to multiple vulnerabilities. The majority is with “medium“ classified. After successful attacks, attackers could gain unauthorized access to data. The repaired Version 2.0.2 according to a warning, should be prepared against the attacks.

(of)

To home page

MacBook Air M2: reports of aluminum paint peeling off Previous post MacBook Air M2: reports of aluminum paint peeling off
macOS 12.5: Problems with Hackintoshs and old machines Next post macOS 12.5: Problems with Hackintoshs and old machines