Maciej Grabiec

**Name of the Vulnerable Software and Affected Versions** Fortra's Core Privileged Access Manager (BoKS) versions 7.2.0 through 7.2.0.17 Fortra's Core Privileged Access Manager (BoKS) versions 8.1.0 through 8.1.0.22 Fortra's Core Privileged Access Manager (BoKS) versions 8.1.1 through 8.1.1.7 Fortra's Core Privileged Access Manager (BoKS) versions 9.0.0 through 9.0.0.1 Fortra's Core Privileged Access Manager (BoKS) 7.2 without hotfix #0474 on Linux, AIX, and Solaris **Description** A binary in the BoKS Server Agent component allows low privilege local users to dump data from the cache. **Recommendations** For versions 7.2.0 through 7.2.0.17, apply hotfix #0474 to resolve the issue. For versions 8.1.0 through 8.1.0.22, update to a version later than 8.1.0.22. For versions 8.1.1 through 8.1.1.7, update to a version later than 8.1.1.7. For versions 9.0.0 through 9.0.0.1, update to a version later than 9.0.0.1. For BoKS 7.2 without hotfix #0474 on Linux, AIX, and Solaris, apply hotfix #0474 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** IBM InfoSphere DataStage version 11.7 **Description** The issue is related to a command injection vulnerability due to improper neutralization of special elements. **Recommendations** For IBM InfoSphere DataStage version 11.7, update to a version that fixes the command injection vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM InfoSphere Information Server version 11.7 **Description** The issue allows a remote attacker to expose sensitive information or consume memory resources through an XML External Entity Injection (XXE) attack when processing XML data. **Recommendations** For IBM InfoSphere Information Server version 11.7, update the software to a version that includes a fix for the XML External Entity Injection (XXE) attack, or as a temporary workaround, consider restricting XML data processing to prevent potential exploitation.

**Name of the Vulnerable Software and Affected Versions** IBM Tivoli Workload Scheduler versions 9.4 through 9.5 **Description** The issue is caused by improper bounds checking, leading to a stack-based buffer overflow. A local attacker could exploit this to gain lower level privileges, potentially impacting the confidentiality, integrity, and availability of protected information. **Recommendations** For IBM Tivoli Workload Scheduler versions 9.4 and 9.5, consider applying security patches or updates to fix the improper bounds checking issue, which is causing the stack-based buffer overflow. As a temporary workaround, restrict access to sensitive areas of the system to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Hyperion Essbase Administration Services versions 11.1.2.4 through 21.2 **Description** The issue exists due to insufficient input validation in the EAS Console component of Oracle Hyperion Essbase Administration Services. This allows a remote attacker to gain unauthorized access to protected information via HTTP requests. Successful attacks can result in unauthorized access to critical data or complete access to all Hyperion Essbase Administration Services accessible data. **Recommendations** For versions 11.1.2.4 and 21.2, update to a version that includes the fix for this issue to prevent unauthorized access. As a temporary workaround, consider restricting access to the EAS Console component until a patch is available. Avoid using HTTP requests to access sensitive data in Hyperion Essbase Administration Services until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: IBM Security Identity Manager Adapters versions 6.0 through 7.0 Description: The issue is caused by improper bounds, leading to a heap-based buffer overflow. An authenticated user could overflow the buffer, causing the service to crash. Recommendations: For versions 6.0 and 7.0, update to a version that fixes the heap-based buffer overflow issue to prevent the service from crashing due to buffer overflow by an authenticated user. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Security Identity Manager version 6.0.2 **Description** The issue is related to insufficient validation of incoming requests, which could allow a remote authenticated attacker to obtain sensitive data by sending specially crafted requests. This can lead to unauthorized access to protected information. **Recommendations** For IBM Security Identity Manager version 6.0.2, consider restricting access to sensitive data and validating all incoming requests to minimize the risk of exploitation. As a temporary workaround, restrict the use of the affected functionality until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Security Identity Manager version 6.0.2 **Description** The issue is related to insufficient access controls in the Password Synchronization Plug-in of IBM Security Identity Manager, which could allow a remote attacker to gain unauthorized access to protected information. Specifically, an authenticated malicious user could change the passwords of other users in the Windows AD environment when the IBM Security Identity Manager Windows Password Synch Plug-in is deployed and configured. **Recommendations** For IBM Security Identity Manager version 6.0.2, consider restricting access to the Windows Password Synch Plug-in to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the privileges of authenticated users to prevent them from changing passwords of other users in the Windows AD environment.

**Name of the Vulnerable Software and Affected Versions** PeopleSoft Enterprise PeopleTools versions 8.56 through 8.58 **Description** The issue is related to insufficient access control in the Portal component of Oracle PeopleSoft Enterprise PeopleTools, allowing an unauthenticated attacker with logon to the infrastructure to compromise PeopleSoft Enterprise PeopleTools, potentially resulting in a takeover of the application. **Recommendations** For versions 8.56 through 8.58, update to a version that includes the fix for this issue to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM InfoSphere Information Server versions 11.3, 11.5, and 11.7 **Description** The issue allows a remote attacker to execute arbitrary code on the system due to the deserialization of untrusted data. An attacker could exploit this by persuading a victim to visit a specially crafted Web site, resulting in the execution of arbitrary code on the system. **Recommendations** For IBM InfoSphere Information Server versions 11.3, 11.5, and 11.7, consider restricting access to untrusted data to minimize the risk of exploitation until a patch is available. As a temporary workaround, consider disabling the deserialization of untrusted data until a fix is provided.

**Name of the Vulnerable Software and Affected Versions** IBM Security Identity Manager version 6.0.0 **Description** The issue is related to the deserialization of untrusted data, which could allow a remote attacker to execute arbitrary code on the system. This can be achieved by persuading a victim to visit a specially crafted Web site. The vulnerability is associated with deficiencies in the deserialization mechanism. **Recommendations** For IBM Security Identity Manager version 6.0.0, consider restricting access to untrusted data to minimize the risk of exploitation until a patch is available. As a temporary workaround, disabling the deserialization of untrusted data could help mitigate the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CA Release Automation versions 6.5 and earlier **Description** The issue is caused by insecure deserialization of a specially crafted serialized object, which allows attackers to potentially execute arbitrary code. This can be exploited by a remote attacker using a specially formed serialized object, potentially leading to the execution of arbitrary code. **Recommendations** For CA Release Automation versions 6.5 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Astaro Security Gateway (aka ASG) version 7 **Description** The issue allows remote attackers to execute arbitrary code via a crafted request to "index.plx". **Recommendations** For Astaro Security Gateway (aka ASG) version 7, consider restricting access to the "index.plx" endpoint until a patch is available.