Boletines de Vulnerabilidades

IBM Security Bulletin: Multiple Apache Tomcat vulnerabilities in IBM Algo Audit and Compliance (CVE-2013-4286, CVE-2013-4322, CVE-2013-4590, CVE-2014-0033)

Información sobre el sistema
   
Software afectado IBM

Descripción
IBM Algo Audit and Compliance uses Apache Tomcat and is affected by multiple vulnerabilities identified in it, which could permit an attacker to compromise the web cache, bypass web application firewall protection and conduct XSS attacks, to cause a denial of service, to obtain sensitive information and to hijack a users session CVE(s): CVE-2013-4286, CVE-2013-4322, CVE-2013-4590 and CVE-2014-0033 Affected product(s) and affected version(s): IBM Algo Audit and Compliance versions 2.1 -

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_multiple_apache_tomcat_vulnerabilities_in_ibm_algo_audit_and_compliance_cve_2013_4286_cve_2013_4322_cve_2013_4590_cve_2014_0033?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2013-4286 ,CVE-2013-4322 ,CVE-2013-4590 ,CVE-2014-0033 ,CVE-2014-0416 ,CVE-2014-0453 ,CVE-2014-0460 and CVE-2014-0224.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-07-02

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT