Multiple vulnerabilities in Netcool Operations Insight

1) Allocation of Resources Without Limits or Throttling

EUVDB-ID: #VU115167

Risk: Medium

CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2025-58754

CWE-ID: CWE-770 - Allocation of Resources Without Limits or Throttling

Exploit availability: Yes

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to allocation of resources without limits within data: URL decode. A remote attacker can cause a denial of service condition on the target system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

2) Improper handling of case sensitivity

EUVDB-ID: #VU109959

Risk: Low

CVSSv4.0: 2.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2025-46701

CWE-ID: CWE-178 - Improper Handling of Case Sensitivity

Exploit availability: Yes

The vulnerability allows a remote attacker to bypass security restrictions.

The vulnerability exists due to an error when handling URLs on a case insensitive filesystem with security constraints configured for the <code>pathInfo</code> component of a URL that mapped to the CGI servlet. A remote attacker can bypass imposed security constraints via a specially crafted URL.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

3) Improper Verification of Cryptographic Signature

EUVDB-ID: #VU68606

Risk: High

CVSSv4.0: 7.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2020-16156

CWE-ID: CWE-347 - Improper Verification of Cryptographic Signature

Exploit availability: No

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to incorrect processing of signed code. A remote attacker trick the victim into downloading a malicious file, bypass signature verification procedure and compromise the affected system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

4) Resource exhaustion

EUVDB-ID: #VU98776

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-49290

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability occurs when the p2c parameter is set too high in JWE's algorithm PBES2-*. A remote attacker can set the p2c parameter in JWE to a very large number, cause a lot of computational consumption, resulting in a denial of service

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Privilege Defined With Unsafe Actions

EUVDB-ID: #VU118715

Risk: Medium

CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-23015

CWE-ID: CWE-267 - Privilege Defined With Unsafe Actions

Exploit availability: No

The vulnerability allows a remote user to escalate privileges on the target system.

The vulnerability exists due to improper input validation. A remote user with MODIFY permission ON ALL KEYSPACES can escalate privileges to superuser within a targeted Cassandra cluster via unsafe actions to a system resource.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Input validation error

EUVDB-ID: #VU69670

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-3509

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when parsing textformat data. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Improper input validation

EUVDB-ID: #VU71253

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-3510

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Policy (Google Protobuf-Java) component in Oracle Communications Cloud Native Core Policy. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Code Injection

EUVDB-ID: #VU111977

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-29409

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation. A remote user can send a specially crafted request and execute arbitrary code via the Content-Type header on the target system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Incorrect authorization

EUVDB-ID: #VU115217

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-5187

CWE-ID: CWE-863 - Incorrect Authorization

Exploit availability: No

The vulnerability allows a node user to escalate privileges on the system.

The vulnerability exists due to incorrect authorization in the NodeRestriction admission controller. A node user can delete and then recreate its node object with modified taints or labels.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Insufficient verification of data authenticity

EUVDB-ID: #VU97732

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-25638

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: No

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to improper response validation when handling DNS queries. Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. A remote attacker can bypass DNSSEC restrictions.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Improper Authorization

EUVDB-ID: #VU111971

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:L/SI:L/SA:L/E:U/U:Clear]

CVE-ID: CVE-2025-4563

CWE-ID: CWE-285 - Improper Authorization

Exploit availability: No

The vulnerability allows a malicious node to bypass dynamic resource allocation authorization checks.

The vulnerability exists due to missing authorization checks in DynamicResourceAllocation feature gate within the NodeRestriction admission controller. A malicious node can create mirror pods that access unauthorized dynamic resources, leading to denial of service or potential privilege escalation. 

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Input validation error

EUVDB-ID: #VU118721

Risk: Low

CVSSv4.0: 4.5 [CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-9042

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote privileged user to execute arbitrary commands.

The vulnerability exists due to insufficient validation of user-supplied input. A remote user with the ability to query a node's '/logs' endpoint to execute arbitrary commands on the host.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Inefficient regular expression complexity

EUVDB-ID: #VU105984

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-27789

CWE-ID: CWE-1333 - Inefficient Regular Expression Complexity

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient input validation when processing untrusted input with a regular expressions. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Improper input validation

EUVDB-ID: #VU65496

Risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-21541

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Input validation error

EUVDB-ID: #VU112257

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-31672

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote attacker to manipulate file parsing behavior.

The vulnerability stems from the way Apache POI handles zip entries in OOXML format files. When duplicate file names (including paths) exist within the zip structure, different products may select different zip entries with the same name, leading to inconsistent data interpretation. A remote attacker can manipulate file parsing behavior through specially crafted OOXML files containing ZIP entries with duplicate file names. This manipulation can result in inconsistent data processing across different systems, potentially leading to security issues and data integrity concerns.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Path traversal

EUVDB-ID: #VU106082

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-27553

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing double dots, e.g. ".." in file names. A remote attacker can view files outside of the current scope.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Resource exhaustion

EUVDB-ID: #VU98518

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-9823

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources within the DoSFilter. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Resource exhaustion

EUVDB-ID: #VU103769

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-25193

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to application attempts to load a file that does not exist. A local user can create a large file on the system and crash the application.

Note, the vulnerability affects Windows installations only.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Resource management error

EUVDB-ID: #VU100259

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-47535

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an unsafe reading of an environment file on Windows. A local user can create an overly large file and perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Use-after-free

EUVDB-ID: #VU104099

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-56171

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error within the xmlSchemaIDCFillNodeTables() and xmlSchemaBubbleIDCNodeTables() functions in xmlschemas.c. A remote attacker can pass specially crafted XML document to the application, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Stack-based buffer overflow

EUVDB-ID: #VU104098

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2025-24928

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the xmlSnprintfElements() function in valid.c. A remote attacker can pass specially crafted XML data to the application, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Memory corruption

EUVDB-ID: #VU9687

Risk: Low

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2017-9047

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the xmlSnprintfElementContent function of XMLSoft libxml2 due to improper memory handling by the valid.c source code. A remote attacker can send a specially crafted XML file, trigger memory corruption and cause the service to crash.

Successful exploitation of the vulnerability results in denial of service.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

23) Link following

EUVDB-ID: #VU104138

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45339

CWE-ID: CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Exploit availability: No

The vulnerability allows a local user to overwrite arbitrary files on the system.

The vulnerability exists due to insecure link following when writing log files. A local user can point a symbolic link to a critical file on the system and overwrite it with the log data.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Resource exhaustion

EUVDB-ID: #VU110250

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-47950

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources within the DNS-over-QUIC (DoQ) server implementation in server_quic.go. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Inconsistent interpretation of HTTP requests

EUVDB-ID: #VU109242

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N/E:P/U:Green]

CVE-ID: CVE-2025-23167

CWE-ID: CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')

Exploit availability: Yes

The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.

The vulnerability exists due to improper validation of HTTP/1 headers in llhttp. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.

Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

26) Input validation error

EUVDB-ID: #VU105485

Risk: Critical

CVSSv4.0: 9.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]

CVE-ID: CVE-2025-24813

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input when handling file uploads via HTTP PUT requests. A remote attacker can send a specially crafted HTTP PUT request to the server and gain access to sensitive information or even execute arbitrary code.

If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files:

• writes enabled for the default servlet (disabled by default)
• support for partial PUT (enabled by default)
• a target URL for security sensitive uploads that is a sub-directory of a target URL for public uploads
• attacker knowledge of the names of security sensitive files being uploaded
• the security sensitive files also being uploaded via partial PUT

If all of the following were true, a malicious user was able to perform remote code execution:

• writes enabled for the default servlet (disabled by default)
• support for partial PUT (enabled by default)
• application was using Tomcat's file based session persistence with the default storage location
• application included a library that may be leveraged in a deserialization attack

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

27) Improper input validation

EUVDB-ID: #VU65497

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-21540

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Improper authentication

EUVDB-ID: #VU115164

Risk: High

CVSSv4.0: 5.2 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2025-58060

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in the authentication process when the AuthType is set to a value other than "Basic". A remote attacker can send a request with "Authorization: Basic" header, which lead to the application does not check the password and considers the user authenticated. 

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Path traversal

EUVDB-ID: #VU109840

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2025-47273

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to input validation error when processing directory traversal sequences in package_index.py. A remote attacker can trick the victim into installing a specially crafted script and overwrite arbitrary files on the system, leading to code execution.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Double free

EUVDB-ID: #VU113187

Risk: High

CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2025-8058

CWE-ID: CWE-415 - Double Free

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the regcomp() function in case previous memory allocations fail. A remote attacker can pass specially crafted data to the application, trigger double free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Heap-based buffer overflow

EUVDB-ID: #VU112992

Risk: High

CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2025-32989

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when handling the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. A remote attacker can supply a specially crafted X.509 certificate to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Improper input validation

EUVDB-ID: #VU30078

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-14578

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Libraries component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Improper input validation

EUVDB-ID: #VU30079

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-14579

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Libraries component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Link following

EUVDB-ID: #VU111967

Risk: High

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2025-4330

CWE-ID: CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Exploit availability: No

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to an insecure link following issue when extracting data from an archive in the tarfile module. A remote attacker can pass a specially crafted archive to the application and overwrite arbitrary files outside the destination directory.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Expected behavior violation

EUVDB-ID: #VU111970

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-4435

CWE-ID: CWE-440 - Expected Behavior Violation

Exploit availability: No

The vulnerability allows a remote attacker to change expected behavior. 

The vulnerability exists due to an error when using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior. A remote attacker can force the application to extract files that were meant to be skipped. 

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Infinite loop

EUVDB-ID: #VU113738

Risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-8194

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop in the “tarfile” module when handling tar archives with negative offsets. A remote attacker can pass a specially crafted tar archive to the application and consume all available system resources, resulting in a deadlock and a denial of service. 

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Inadequate Encryption Strength

EUVDB-ID: #VU118716

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-55039

CWE-ID: CWE-326 - Inadequate Encryption Strength

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the use of an insecure default network encryption cipher for RPC communication between nodes. When spark.network.crypto.enabled is set to true (it is set to false by default), but spark.network.crypto.cipher is not explicitly configured, Spark defaults to AES in CTR mode (AES/CTR/NoPadding), which provides encryption without authentication. A remote man-in-the-middle attacker can modify encrypted RPC traffic undetected by flipping bits in ciphertext, potentially compromising heartbeat messages or application data and affecting the integrity of Spark workflows.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Code Injection

EUVDB-ID: #VU107638

Risk: Critical

CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Red]

CVE-ID: CVE-2025-1302

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: Yes

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation. A remote attacker can execute aribitrary code on the system by exploiting the unsafe default usage of eval='safe' mode.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

39) Input validation error

EUVDB-ID: #VU100117

Risk: High

CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2024-21534

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

The vulnerability allows a remote attacker to compromise the affected application.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can exploit the unsafe default usage of vm in Node and execute arbitrary code on the system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

40) Resource exhaustion

EUVDB-ID: #VU88136

Risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-27268

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Out-of-bounds write

EUVDB-ID: #VU105715

Risk: Critical

CVSSv4.0: 8.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]

CVE-ID: CVE-2025-27363

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: Yes

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input. A remote attacker can pass a specially crafted font to the application that is using an affected version of the library, trigger an out-of-bounds write and execute arbitrary code on the target system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

42) Improper input validation

EUVDB-ID: #VU52449

Risk: Medium

CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-2163

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the Libraries component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Input validation error

EUVDB-ID: #VU69293

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-3171

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input containing multiple instances of non-repeated embedded messages with repeated or unknown fields. A remote attacker can cause objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Incorrect permission assignment for critical resource

EUVDB-ID: #VU111975

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-29869

CWE-ID: CWE-732 - Incorrect Permission Assignment for Critical Resource

Exploit availability: No

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to hive creates a credentials file to a temporary directory in the file system with permissions 644 by default when the file permissions are not set explicitly. A local user with access to the directory can read the sensitive information written into this file.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Security features bypass

EUVDB-ID: #VU98795

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-38820

CWE-ID: CWE-254 - Security Features

Exploit availability: No

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to String.toLowerCase() has some Locale dependent exceptions when handling case insensitive patterns in DataBinder. A remote attacker can bypass implemented security restrictions by passing specially crafted data to the application.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Security features bypass

EUVDB-ID: #VU62314

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2022-22968

CWE-ID: CWE-254 - Security Features

Exploit availability: Yes

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to patterns for disallowedFields on a DataBinder are case sensitive, which means a field is not effectively protected unless it is listed with both upper and lower case for the first character of the field, including upper and lower case for the first character of all nested fields within the property path. A remote attacker can bypass implemented security restrictions by passing case sensitive data to the application.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

47) Improper input validation

EUVDB-ID: #VU117436

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-8916

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Security and Provisioning (Bouncy Castle Java Library) component in Oracle Essbase. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Incorrect default permissions

EUVDB-ID: #VU97712

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-23454

CWE-ID: CWE-276 - Incorrect Default Permissions

Exploit availability: No

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to the RunJar.run() method does not set permissions for temporary directory by default. A local user with access to the system can view contents of files and directories.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Improper input validation

EUVDB-ID: #VU33719

Risk: Low

CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-3136

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the Security component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Improper input validation

EUVDB-ID: #VU33720

Risk: Low

CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-3139

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Networking component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Improper input validation

EUVDB-ID: #VU25094

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-2659

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Networking component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Improper input validation

EUVDB-ID: #VU27230

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-2756

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Serialization component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Improper input validation

EUVDB-ID: #VU27231

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-2757

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Serialization component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Improper input validation

EUVDB-ID: #VU27229

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-2773

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Security component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Use-after-free

EUVDB-ID: #VU107155

Risk: High

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2025-31498

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error within the read_answers() function. A remote attacker can send specially crafted ICMP UNREACHABLE packets to the application, trigger a use-after-free error and execute arbitrary code on the system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Integer overflow

EUVDB-ID: #VU105799

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-40635

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow when handling a UID:GID larger than the maximum 32-bit signed integer. A local user can pass a large user identifier value to the application, trigger an integer overflow and execute arbitrary code on the target system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Untrusted search path

EUVDB-ID: #VU109844

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-4802

CWE-ID: CWE-426 - Untrusted Search Path

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to usage of an untrusted LD_LIBRARY_PATH environment variable. A local user can use the LD_LIBRARY_PATH environment variable to point to a malicious binary and execute arbitrary code with escalated privileges.

The vulnerability affects statically linked setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Use of a broken or risky cryptographic algorithm

EUVDB-ID: #VU86988

Risk: Low

CVSSv4.0: 2.3 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-50312

CWE-ID: CWE-327 - Use of a Broken or Risky Cryptographic Algorithm

Exploit availability: No

The vulnerability allows an adjacent attacker to gain access to potentially sensitive information.

The vulnerability exists due to weaker than expected security for outbound TLS connections caused by a failure to honor user configuration. An adjacent attacker can gain unauthorized access to sensitive information on the system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Buffer overflow

EUVDB-ID: #VU112106

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-52999

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when parsing deeply nested JSON files. A remote attacker can pass a specially crafted JSON file to the application, trigger memory corruption and perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Uncontrolled Recursion

EUVDB-ID: #VU112882

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-4565

CWE-ID: CWE-674 - Uncontrolled Recursion

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

the vulnerability exists due to uncontrolled recursion when parsing untrusted data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags. A remote attacker send specially crafted input to the application and can perform a denial of service attack. 

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Integer overflow

EUVDB-ID: #VU111913

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-23337

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow in src/jv.c. A remote attacker can pass specially crafted data to the application, trigger an integer overflow and perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Heap-based buffer overflow

EUVDB-ID: #VU111912

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-48060

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the jv_string_vfmt() function. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Cross-site scripting

EUVDB-ID: #VU118669

Risk: Low

CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-9910

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and inject malicious scripts into HTML payloads that may lead to code execution if untrusted payloads were used as source for the diff, and the result renderer using the built-in html formatter on a private website.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Heap-based buffer overflow

EUVDB-ID: #VU11496

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-17095

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in tools/pal2rgb.c in pal2rgb due to heap-based buffer overflow. A remote attacker can trigger memory corruption and cause the service to crash.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Input validation error

EUVDB-ID: #VU105387

Risk: Low

CVSSv4.0: 2 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-27516

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to sandbox breakout through attr filter selecting format method. A local user can execute arbitrary code on the system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Information disclosure

EUVDB-ID: #VU106083

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-30474

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to an error in the FtpFileObject class, that can expose passwords in clear text. A remote attacker can gain unauthorized access to sensitive information.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Improper input validation

EUVDB-ID: #VU107520

Risk: Medium

CVSSv4.0: 6.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-21587

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The vulnerability exists due to improper input validation within the JSSE component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Improper input validation

EUVDB-ID: #VU107521

Risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-30698

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The vulnerability exists due to improper input validation within the 2D component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Information disclosure

EUVDB-ID: #VU105105

Risk: Medium

CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-27221

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to URI#join, URI#merge, and URI#+ methods retain sensitive information, such as user:password, even after the host is replaced. A remote attacker can gain access to sensitive information.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Improper input validation

EUVDB-ID: #VU33715

Risk: High

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2018-3149

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the JNDI component in JRockit. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

71) Resource management error

EUVDB-ID: #VU60181

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2021-22569

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: Yes

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the application. protobuf-java allowes the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. A remote attacker can trick the victim into passing specially crafted data to the application and perform a denial of service attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

72) Improper input validation

EUVDB-ID: #VU33714

Risk: High

CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2018-3169

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the Hotspot component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) Improper input validation

EUVDB-ID: #VU33713

Risk: High

CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2018-3209

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the JavaFX component in Java SE. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) Improper input validation

EUVDB-ID: #VU25077

Risk: High

CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2020-2604

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the Java component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) Improper input validation

EUVDB-ID: #VU27212

Risk: High

CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2020-2803

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the Java component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) Improper input validation

EUVDB-ID: #VU27219

Risk: High

CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2020-2805

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the Libraries component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

77) Improper input validation

EUVDB-ID: #VU62398

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-21476

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Libraries component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

78) Improper input validation

EUVDB-ID: #VU65495

Risk: High

CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2022-34169

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

The vulnerability allows a remote non-authenticated attacker to compromise the affected system.

The vulnerability exists due to an integer truncation issue when processing malicious XSLT stylesheets. A remote non-authenticated attacker can pass specially crafted data to the application to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

79) Man-in-the-Middle (MitM) attack

EUVDB-ID: #VU104035

Risk: Medium

CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-26465

CWE-ID: CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')

Exploit availability: No

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to incorrect processing of user-supplied data in ssh(1). A remote attacker can perform server impersonation when VerifyHostKeyDNS enabled.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

80) Deserialization of Untrusted Data

EUVDB-ID: #VU83219

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-39410

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to reader can consume memory beyond the allowed constraints and thus lead to out of memory on the system, when deserializing untrusted or corrupted data. A remote attacker can pass specially crafted data to the application and perform a denial of service attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

81) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU94616

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-6104

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to software stores sensitive information into log files. A local user can read the log files and gain access to sensitive data obtain from HTTP requests.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

82) Server-Side Request Forgery (SSRF)

EUVDB-ID: #VU112146

Risk: High

CVSSv4.0: 7.8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N/E:P/U:Amber]

CVE-ID: CVE-2025-27817

CWE-ID: CWE-918 - Server-Side Request Forgery (SSRF)

Exploit availability: Yes

The disclosed vulnerability allows a remote attacker to perform SSRF attacks.

The vulnerability exists due to insufficient validation of user-supplied input in Apache Kafka Client. The application accepts configuration data for setting the SASL/OAUTHBEARER connection with the brokers, including "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url". A remote attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.

Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

83) Improper error handling

EUVDB-ID: #VU107996

Risk: Medium

CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2025-31650

CWE-ID: CWE-388 - Error Handling

Exploit availability: Yes

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient error handling for certain invalid HTTP priority headers. A remote attacker can send a large amount of specially crafted HTTP requests to the server and consume all available memory, resulting in a denial of service condition.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

84) Integer overflow

EUVDB-ID: #VU14544

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-13785

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to integer overflow when a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c). A remote attacker can send a specially crafted PNG file, trigger divide-by-zero error and cause the service to crash.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

85) Buffer overflow

EUVDB-ID: #VU18304

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2018-14048

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing images within the png_free_data() function in png.c. A remote attacker can create a specially crafted image, pass it to the affected application, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

86) Improper input validation

EUVDB-ID: #VU33716

Risk: Low

CVSSv4.0: 3.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-3211

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a local authenticated user to read and manipulate data.

The vulnerability exists due to improper input validation within the Serviceability component in Java SE Embedded. A local authenticated user can exploit this vulnerability to read and manipulate data.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

87) Improper input validation

EUVDB-ID: #VU27221

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-2781

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the JSSE component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

88) Improper input validation

EUVDB-ID: #VU27224

Risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-2800

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The vulnerability exists due to improper input validation within the Lightweight HTTP Server component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

89) Improper input validation

EUVDB-ID: #VU27222

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-2830

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Concurrency component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

90) Insecure temporary file

EUVDB-ID: #VU101797

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-54661

CWE-ID: CWE-377 - Insecure Temporary File

Exploit availability: No

The vulnerability allows a local user to overwrite arbitrary files on the system.

The vulnerability exists due to usage of a predictable temporary file name in readline.sh. A local user can create a symbolic link from the temporary file to an arbitrary files on the system and overwrite it with the application's output, corrupting the file.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

91) Improper error handling

EUVDB-ID: #VU109241

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-23166

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect error handling in async cryptographic operations within the SignTraits::DeriveBits() function. A remote attacker can send specially crafted input to the application can crash the Node.js runtime.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

92) Improper authorization

EUVDB-ID: #VU101777

Risk: Medium

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2024-45337

CWE-ID: CWE-285 - Improper Authorization

Exploit availability: Yes

The vulnerability allows a remote attacker to gain unauthorized access to the application.

The vulnerability exists due to improper authorization caused by improper usage of the ServerConfig.PublicKeyCallback callback. A remote attacker can bypass authorization in certain cases and gain access to the application.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

93) Uncontrolled Recursion

EUVDB-ID: #VU97574

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-7254

CWE-ID: CWE-674 - Uncontrolled Recursion

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation when parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or against Protobuf map fields. A remote attacker can pass specially crafted input to the application to create unbounded recursions and perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

94) Information disclosure

EUVDB-ID: #VU100780

Risk: Medium

CVSSv4.0: 5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-31141

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

The vulnerability allows a remote user to escalate privileges within the application.

The vulnerability exists due to the way Apache Kafka Clients handles custom configurations. A remote user with access to REST API can read arbitrary files and variables on the system and escalate their privileges filesystem/environment access.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

95) Out-of-bounds read

EUVDB-ID: #VU81168

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-40403

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in libxslt. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

96) Authentication Bypass by Spoofing

EUVDB-ID: #VU99975

Risk: High

CVSSv4.0: 8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-51504

CWE-ID: CWE-290 - Authentication Bypass by Spoofing

Exploit availability: No

The vulnerability allows a remote attacker to bypass IP-based authentication.

The vulnerability exists due to IPAuthenticationProvider is using the X-Forwarded-For HTTP  header when authenticated users by IP address in the Admin Server. A remote attacker can pass a trusted IP addresses via the X-Forwarded-For HTTP  header and gain unauthorized access to the application.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

97) Acceptance of Extraneous Untrusted Data With Trusted Data

EUVDB-ID: #VU113077

Risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-5994

CWE-ID: CWE-349 - Acceptance of Extraneous Untrusted Data With Trusted Data

Exploit availability: No

The vulnerability allows a remote attacker to perform cache poisoning attacks.

The vulnerability exists due to a logic error in the EDNS Client Subnet (ECS) implementation. A remote attacker can perform cache poisoning attacks against Unbound servers with ECS support, a.k.a. Rebirthday Attack.

Successful exploitation of the vulnerability requires that the server is compiled with '--enable-subnet' and configured to send ECS information to upstream name servers with at least one of the 'send-client-subnet', 'client-subnet-zone' or 'client-subnet-always-forward' options.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

98) Integer overflow

EUVDB-ID: #VU111225

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2025-6021

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow within the xmlBuildQName() function in tree.c . A remote attacker can pass specially crafted data to the application, trigger an integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

99) Heap-based buffer overflow

EUVDB-ID: #VU107596

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2025-32415

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the xmlSchemaIDCFillNodeTables() function. A remote attacker can pass specially crafted XML data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

100) Uncaught Exception

EUVDB-ID: #VU113032

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-7338

CWE-ID: CWE-248 - Uncaught Exception

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to uncaught exception. A remote user can send a specially crafted multi-part upload request and perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

101) Resource exhaustion

EUVDB-ID: #VU103436

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-11187

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when handling DNS zones with numerous records in the Additional section. A remote attacker can trigger resource exhaustion by sending multiple queries to he affected server and perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

102) Information Exposure Through Timing Discrepancy

EUVDB-ID: #VU112037

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-23953

CWE-ID: CWE-208 - Information Exposure Through Timing Discrepancy

Exploit availability: No

The vulnerability allows a remote user to modify data on the system.

The vulnerability occurs when an application doesn’t use a constant-time algorithm for validating a signature. A remote user can use of Arrays.equals() in LlapSignerImpl in Apache Hive to compare message signatures and forge a valid signature for an arbitrary message byte by byte.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

103) Input validation error

EUVDB-ID: #VU98024

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-47561

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input when parsing schema in Java SDK. A remote attacker can pass specially crafted schema to the application and execute arbitrary code on the system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

104) Improper Authentication

EUVDB-ID: #VU118708

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27137

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

The vulnerability allows a local user to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests. A local user can trick the victim into opening a specially crafted file to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

105) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU46223

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-13946

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due application allows remote method invocation. A local user with limited access to the system can use RMI rebind attack vector to perform a MitM attack and obtain user names and passwords used to access the JMX interface.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

106) Incorrect authorization

EUVDB-ID: #VU118677

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-24860

CWE-ID: CWE-863 - Incorrect Authorization

Exploit availability: No

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability in Apache Cassandra allows users to access a datacenter or IP/CIDR groups they should not be able to when using CassandraNetworkAuthorizer or CassandraCIDRAuthorizer.. A remote user with restricted data center access can update their own permissions via data control language (DCL) statements on affected versions.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

107) Missing authorization

EUVDB-ID: #VU107966

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-22235

CWE-ID: CWE-862 - Missing Authorization

Exploit availability: No

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to an error in EndpointRequest.to() implementation. The function creates a matcher for null/** if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed. A remote non-authenticated attacker can gain unauthorized access to the application.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

108) Link following

EUVDB-ID: #VU110252

Risk: Low

CVSSv4.0: 5.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-0913

CWE-ID: CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an insecure link following issue within the os.OpenFile(path, os.O_CREATE|O_EXCL) method when handling dangling symlinks on Windows systems. A local user can create a specially crafted symbolic link and write arbitrary files to the system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

109) Inefficient regular expression complexity

EUVDB-ID: #VU101895

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-52798

CWE-ID: CWE-1333 - Inefficient Regular Expression Complexity

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

110) Inefficient regular expression complexity

EUVDB-ID: #VU98132

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45296

CWE-ID: CWE-1333 - Inefficient Regular Expression Complexity

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient input validation when processing untrusted input with a regular expressions. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

111) Input validation error

EUVDB-ID: #VU106253

Risk: Medium

CVSSv4.0: 2.9 [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2025-22870

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

The vulnerability allows a remote attacker to alter application's behavior.

The vulnerability exists due to insufficient validation of an IPv6 zone ID as a hostname component, when matching hosts against proxy patterns. For instance the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80` will incorrectly match and not be proxied. A remote attacker can alter application behavior and potentially  gain access to sensitive information or functionality.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

112) Improper input validation

EUVDB-ID: #VU103159

Risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-21502

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

113) Resource exhaustion

EUVDB-ID: #VU98025

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-47554

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when handling untrusted input passed to the org.apache.commons.io.input.XmlStreamReader class. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

114) Out-of-bounds read

EUVDB-ID: #VU64274

Risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-29458

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in convert_strings in tinfo/read_entry.c in the terminfo library. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

115) Information Exposure Through an Error Message

EUVDB-ID: #VU116606

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-49128

CWE-ID: CWE-209 - Information Exposure Through an Error Message

Exploit availability: No

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability in jackson-core's `JsonLocation._appendSourceDesc` method allows up to 500 bytes of unintended memory content to be included in exception messages. When parsing JSON from a byte array with an offset and length, the exception message incorrectly reads from the beginning of the array instead of the logical payload start. This results in possible information disclosure in systems using pooled or reused buffers, like Netty or Vert.x. A local user can gain unauthorized access to sensitive information on the system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

116) Memory leak

EUVDB-ID: #VU111105

Risk: High

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2025-47935

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

The vulnerability allows a remote attacker to perform DoS attack on the target system.

The vulnerability exists due to improper stream handling. When the HTTP request stream emits an error, the internal `busboy` stream is not closed, violating Node.js stream safety guidance. A remote attacker can force the application to leak memory and perform denial of service attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

117) Uncaught Exception

EUVDB-ID: #VU111106

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-47944

CWE-ID: CWE-248 - Uncaught Exception

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can send a malformed multi-part upload request and perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

118) Resource exhaustion

EUVDB-ID: #VU115794

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-58767

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

The vulnerability allows a local attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when parsing invalid XML containing multiple XML declarations. A local attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

119) Use-after-free

EUVDB-ID: #VU111221

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-49794

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the xmlSchematronGetNode() function when processing XPath expressions in Schematron schema elements schematron.c. A remote attacker can pass specially crafted XML input to the application and perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

120) Type Confusion

EUVDB-ID: #VU111223

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-49796

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a type confusion error within the xmlSchematronFormatReport() function when processing sch:name elements in schematron.c. A remote attacker can pass specially crafted data to the application, trigger a type confusion error and crash the application. 

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

121) Double free

EUVDB-ID: #VU111143

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2025-5914

CWE-ID: CWE-415 - Double Free

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the archive_read_format_rar_seek_data() function. A remote attacker can pass specially crafted data to the application, trigger a double free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

122) Buffer overflow

EUVDB-ID: #VU113156

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-6965

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when processing aggregated terms. A remote attacker can pass specially crafted input to the application where the number of aggregate terms exceeds the number of columns available, trigger memory corruption and perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

123) Use-after-free

EUVDB-ID: #VU113533

Risk: High

CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2025-7425

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error within the xsltSetSourceNodeFlags() function. A remote attacker can pass specially crafted XML input to the application, trigger memory corruption and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

124) Improper access control

EUVDB-ID: #VU111389

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-6020

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper access restrictions within the pam_namespace module when handling user-controlled paths. A local user can use specially crafted symlinks and race conditions to execute arbitrary code as root. 

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

125) Protection Mechanism Failure

EUVDB-ID: #VU110253

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-22874

CWE-ID: CWE-693 - Protection Mechanism Failure

Exploit availability: No

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to an error in crypto/x509 when using ExtKeyUsageAny. When calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny it disables policy validation.

This only affected certificate chains which contain policy graphs, which are rather uncommon.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

126) Stack-based buffer overflow

EUVDB-ID: #VU105723

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-8176

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when handling XML content. A remote attacker can pass specially crafted XML content to the application, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

127) Path traversal

EUVDB-ID: #VU111969

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-12718

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

The vulnerability allows a remote attacker to modify arbitrary files on the system.

The vulnerability exists due to input validation error in the tarfile module. A remote attacker can pass a specially crafted archive to the application and modify some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

128) Inefficient regular expression complexity

EUVDB-ID: #VU105107

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-27220

CWE-ID: CWE-1333 - Inefficient Regular Expression Complexity

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient input validation when processing untrusted input with a regular expressions in CGI::Util#escapeElement. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

129) Resource exhaustion

EUVDB-ID: #VU108769

Risk: Medium

CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2025-27533

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: Yes

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources during unmarshalling of OpenWire commands. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

130) Out-of-bounds read

EUVDB-ID: #VU28930

Risk: Medium

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-13790

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file. A remote attacker can perform a denial of service attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

131) Input validation error

EUVDB-ID: #VU103970

Risk: Critical

CVSSv4.0: 9.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]

CVE-ID: CVE-2025-1094

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

The vulnerability allows a remote attacker to execute arbitrary SQL queries in the database.

The vulnerability exists due to insufficient validation of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() and within the command line utility programs  when client_encoding is BIG5 and server_encoding is one of EUC_TW or MULE_INTERNAL. A remote attacker can pass specially crafted input to the application and execute arbitrary SQL queries in the database.

Note, the vulnerability is being actively exploited in the wild.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

132) Always-Incorrect Control Flow Implementation

EUVDB-ID: #VU108925

Risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-32996

CWE-ID: CWE-670 - Always-Incorrect Control Flow Implementation

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to writeBody can be called twice because "else if" is not used. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

133) Improper Check for Unusual or Exceptional Conditions

EUVDB-ID: #VU108924

Risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-32997

CWE-ID: CWE-754 - Improper Check for Unusual or Exceptional Conditions

Exploit availability: No

The vulnerability allows a remote attacker to modify data on the system.

The vulnerability exists due to improper error handling. A remote attacker can send specially crafted data to the application and modify data on the system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

134) Resource management error

EUVDB-ID: #VU104215

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-0426

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the application when handling HTTP requests at the "/checkpoint" endpoint. A remote attacker can send a large number of HTTP requests to the affected endpoint and perform a denial of service (DoS) attack by filling up the disk space.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

135) Privilege Chaining

EUVDB-ID: #VU114006

Risk: High

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2025-36124

CWE-ID: CWE-268 - Privilege Chaining

Exploit availability: No

The vulnerability allows a remote attacker to bypass security restrictions.

The vulnerability exists due to failure to honor JMS messaging configuration. A remote attacker can trigger the vulnerability to bypass security restrictions

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

136) Input validation error

EUVDB-ID: #VU98760

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-47764

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient validation of user-supplied cookies. A remote attacker can pass a specially crafted cookie to the application and alter values passed to the application.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

137) Improper authentication

EUVDB-ID: #VU103771

Risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-12797

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to an error when using RFC7250 Raw Public Keys (RPKs) to authenticate a server. TLS and DTLS connections using raw public keys are vulnerable to man-in-middle attacks when server authentication failure is not detected by clients.

Note, the vulnerability can be exploited only when TLS clients explicitly enable RPK use by the server, and the server, likewise, enables sending of an RPK instead of an X.509 certificate chain.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

138) Resource exhaustion

EUVDB-ID: #VU101868

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-45338

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources in several Parse functions. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

139) Denial of service

EUVDB-ID: #VU6663

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2016-9840

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in zlib due to out-of-bounds pointer arithmetic in inftrees.c. A remote attacker can send a specially crafted document, trick the victim into opening it, and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

140) Insufficiently protected credentials

EUVDB-ID: #VU111716

Risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-47081

CWE-ID: CWE-522 - Insufficiently Protected Credentials

Exploit availability: No

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to the library leaks .netrc credentials to third parties for specific maliciously-crafted URLs. A remote attacker can gain access to sensitive information. 

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

141) Code Injection

EUVDB-ID: #VU118675

Risk: High

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2025-35036

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to Hibernate Validator by default and depending how it is used, may interpolate user-supplied input in a constraint violation message with Expression Language. A remote attacker can send a specially crafted request and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7252085

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

142) Code Injection

EUVDB-ID: #VU25726

Risk: High

CVSSv4.0: 7.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2020-5245

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: Yes

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation. A remote authenticated attacker can inject arbitrary Java Expression Language expressions when using the self-validating feature and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

Netcool Operations Insight: 1.4.0 - 1.6.14

• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:netcool_operations_insight:1.4.2:*:*:*:*:*:*:*