Medium Severity

IBM Security Bulletin: Directory traversal vulnerability in IBM Robotic Process Automation with Automation Anywhere (CVE-2018-2006)

Feb 19, 2019 9:00 am EST | Medium Severity

IBM Robotic Process Automation with Automation Anywhere is vulnerable to directory traversal CVE(s): CVE-2018-2006 Affected product(s) and affected version(s): IBM Robotic Process Automation with Automation Anywhere Affected Versions IBM Robotic Process Automation with Automation Anywhere 11.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10794133X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155008 ...read more


IBM Security Bulletin: This Power System update is being released to address CVE-2018-8931

Feb 19, 2019 9:00 am EST | Medium Severity

Power8/Power9: In response to a security bypass vulnerability, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE-2018-8931. The P8 and P9 Processors have a “Self Boot Engine” (SBE) that is used to initialize the processor before Primary Boot Firmware takes over the IPL. The SBE’s code ...read more


IBM Security Bulletin: IBM Cloud Transformation Advisor is affected by a CVE-2018-1901 vulnerability

Feb 19, 2019 9:00 am EST | Medium Severity

IBM Cloud Transformation Advisor has addressed the following vulnerability. CVE-2018-1901 CVE(s): CVE-2018-1901 Affected product(s) and affected version(s):IBM Cloud Transformation Advisor Continuous Delivery Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10871892X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152530 ...read more


IBM Security Bulletin: Weaker than expected security in WebSphere Application Server with SP800-131 transition mode (CVE-2018-1996)

Feb 15, 2019 9:00 am EST | Medium Severity

There is a potential for weaker than expected security in WebSphere Application Server with SP800-131 transition mode and SSL_TLSv2. CVE(s): CVE-2018-1996 Affected product(s) and affected version(s): This vulnerability affects the following versions and releases of IBM WebSphere Application Server: Version 9.0 Version 8.5 Version 8.0 Version 7.0 Refer to the following reference URLs for remediation ...read more


IBM Security Bulletin: Vulnerability in IBM Java Runtime affect IBM Installation Manager and IBM Packaging Utility

Feb 15, 2019 9:00 am EST | Medium Severity

There is a vulnerability in IBM® Runtime Environment Java™ Version 7 used by IBM Installation Manager and IBM Packaging Utility. The IBM Installation Manager and IBM Packaging Utility have addressed the applicable CVE. CVE(s): CVE-2018-3180 Affected product(s) and affected version(s): IBM Installation Manager and IBM Packaging Utility versions 1.8.9.2 and earlier. Refer to the following ...read more


IBM Security Bulletin: IBM Security Guardium is affected by a Java vulnerability

Feb 15, 2019 9:00 am EST | Medium Severity

IBM Security Guardium has addressed the following vulnerability. CVE(s): CVE-2018-13785 Affected product(s) and affected version(s): Affected IBM Security Guardium Affected Versions IBM Security Guardium 9.0 -9.5 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10869590X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/146015 ...read more


IBM Security Bulletin: IBM FileNet Content Manager and IBM Enterprise Content Management Text Search security vulnerability in Apache PDFBox

Feb 14, 2019 9:00 am EST | Medium Severity

Denial of service vulnerability may affect Apache PDFBox v1.8.15 used by IBM FileNet Content Manager and IBM Enterprise Content Management Text Search. CVE(s): CVE-2018-11797 Affected product(s) and affected version(s): FileNet Content Manager 5.2.1, 5.5.0, 5.5.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www.ibm.com/support/docview.wss?uid=ibm10734711X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/150898 ...read more


IBM Security Bulletin: Enterprise Content Management System Monitor is affected by a vulnerability in IBM® SDK Java™ Technology Edition

Feb 13, 2019 9:00 am EST | Medium Severity

Enterprise Content Management System Monitor has addressed the following vulnerability in IBM® SDK Java™ Technology Edition. This issue was disclosed as part of the IBM® SDK Java™ Technology Edition Quarterly CPU – Oct 2018 – Includes Oracle Oct 2018 CPU. CVE(s): CVE-2018-3180 Affected product(s) and affected version(s): Enterprise Content Management System Monitor v5.5 Refer to ...read more


IBM Security Bulletin: IBM PureApplication Service is affected by a GPFS vulnerability (CVE-2018-1783)

Feb 13, 2019 9:00 am EST | Medium Severity

There is a vulnerability in the GPFS component that is used by IBM PureApplication Service. IBM has released Version 2.2.5.3 for IBM PureApplication Service, in response to CVE-2018-1783. IBM PureApplication Service provides a GPFS pattern and addressed the applicable CVE. CVE(s): CVE-2018-1783 Affected product(s) and affected version(s): IBM PureApplication Service V2.2.3.0 IBM PureApplication Service V2.2.3.1 ...read more