High Severity

Security Bulletin: Eclipse Jetty (Publicly disclosed vulnerability) affects Content Classifaction

Share this post:

Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the creation of the temporary subdirectory. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Content Classification 8.8

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6373292

More stories

Security Bulletin: Vulnerability in Google Guava affects WebSphere Service Registry and Repository (CVE-2018-10237)

Jan 20, 2021 7:01 pm EST | High Severity

A vulnerability in Google Guava affects WebSphere Service Registry and Repository. This issue is also addressed by WebSphere Application Server shipped with WebSphere Service Registry and Repository. ...read more


Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2020-4958)

Jan 20, 2021 7:01 pm EST | High Severity

IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerability. The vulnerability is due to the RMI connectors that do not appear to be authenticated. ...read more


Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Guardium

Jan 20, 2021 7:00 pm EST | High Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Security Guardium. These issues were disclosed as part of the IBM Java SDK updates in July 2020 ...read more