IBM Netezza Analytics Open Source James Clark Expat Multiple Vulnerabilities (swg22012645)

medium Nessus Plugin ID 106714

Synopsis

An enterprise data warehousing component installed on the remote Linux host is affected by multiple vulnerabilities.

Description

The version of IBM Netezza Analytics installed on the remote Linux host is 1.2.1 - 3.2.1. It is, therefore, affected by multiple vulnerabilities in the Open Source James Clark Expat component.

Solution

Upgrade to IBM Netezza Analytics version 3.2.2 or later.

See Also

http://www-01.ibm.com/support/docview.wss?uid=swg22012645

Plugin Details

Severity: Medium

ID: 106714

File Name: ibm_netezza_analytics_swg22012645.nasl

Version: 1.5

Type: local

Family: General

Published: 2/9/2018

Updated: 11/8/2019

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: E:U/RL:OF/RC:C

CVSS Score Source: CVE-2013-0340

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/h:ibm:netezza

Required KB Items: installed_sw/IBM Netezza Platform Software

Exploit Ease: No known exploits are available

Patch Publication Date: 1/17/2018

Vulnerability Publication Date: 1/17/2018

Reference Information

CVE: CVE-2013-0340, CVE-2013-0341

BID: 58233