Security Bulletin: Potential security exposure when using InfoSphere BigInsights due to vulnerability in Jetty (CVE-2011-4461)
A vulnerability in Jetty allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. Flume in BigInsights uses Jetty which can be affected by this vulnerability. For additional information on this refer to the CVE reference.
Affected product(s) and Version(s):
IBM InfoSphere BigInsights version 1.1 through 1.4
Refer to the following reference URLs for remediation and additional vulnerability details.
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21620335
X-Force Database: http://xforce.iss.net/xforce/xfdb/72017