Medium Severity

IBM Security Bulletin: Vulnerability affects IBM Cloud Object Storage SDK Java (June 2019)

Jun 22, 2019 9:01 am EDT | Medium Severity

Vulnerability affects IBM Cloud Object Storage SDK Java. It has been addressed in the latest SDK Java release. CVE(s): CVE-2019-12086 Affected product(s) and affected version(s): CVE-ID Affected SDK Releases CVE-2019-12086 IBM COS SDK Java releases prior to 2.5.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10887529X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/161256 ...read more


IBM Security Bulletin: IBM MessageSight/MessageGateway is affected by the following jQuery vulnerability

Jun 20, 2019 9:01 am EDT | Medium Severity

IBM MessageSight/MessageGateway has addressed the following jQuery vulnerability: CVE-2019-11358: jQuery mishandles jQuery.extend(true, {}, …) CVE(s): CVE-2019-11358 Affected product(s) and affected version(s): Affected IBM MessageSight Affected Versions IBM MessageSight 1.2.0.0 – 1.2.0.3 IBM MessageSight 2.0.0.0 – 2.0.0.2 IBM MessageSight 5.0.0.0 IBM MessageGateway 5.0.0.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: ...read more


IBM Security Bulletin: IBM API Connect is affected by a denial of service vulnerability in Node.js (CVE-2019-5737)

Jun 20, 2019 9:01 am EDT | Medium Severity

IBM API Connect has addressed the following vulnerability. CVE(s): CVE-2019-5737 Affected product(s) and affected version(s): Affected IBM API Management Affected Versions IBM API Connect 5.0.0.0-5.0.8.6 IBM API Connect 2018.1-2018.4.1.4 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10882602X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/158093 ...read more


IBM Security Bulletin: IBM Cloud Transformation Advisor is affected by a Node.js lodash module vulnerability (CVE-2018-16487)

Jun 20, 2019 9:01 am EDT | Medium Severity

IBM Cloud Transformation Advisor has addressed the following vulnerability. Node.js lodash module (CVE-2018-16487) CVE(s): CVE-2018-16487 Affected product(s) and affected version(s):IBM Cloud Transformation Advisor Continuous Delivery Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10872242X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/156530 ...read more


IBM Security Bulletin: IBM MessageSight/MessageGateway is affected by the following WebSphere Application Server vulnerability

Jun 20, 2019 9:01 am EDT | Medium Severity

IBM MessageSight/MessageGateway has addressed the following WebSphere Application Server vulnerability: CVE-2019-4046: IBM WebSphere Application Server is vulnerable to a denial of service, caused by improper handling of request headers CVE(s): CVE-2019-4046 Affected product(s) and affected version(s): Affected IBM MessageSight Affected Versions IBM MessageSight 1.2.0.0 – 1.2.0.3 IBM MessageSight 2.0.0.0 – 2.0.0.2 IBM MessageSight 5.0.0.0 IBM ...read more


IBM Security Bulletin: Vulnerabilities in OpenSSL affect QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module for IBM BladeCenter and QLogic Virtual Fabric Extension Module for IBM BladeCenter

Jun 20, 2019 9:00 am EDT | Medium Severity

The following vulnerabilities in OpenSSL have been addressed by QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module for IBM BladeCenter and QLogic Virtual Fabric Extension Module for IBM BladeCenter. CVE(s): CVE-2017-3738, CVE-2017-3737 Affected product(s) and affected version(s): Product Affected Version QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module for IBM BladeCenter Firmware Update ...read more


IBM Security Bulletin: IBM API Connect is affected by sensitive information leakage in LoopBack (CVE-2019-4382)

Jun 19, 2019 9:01 am EDT | Medium Severity

API Connect has addressed the following vulnerability. CVE(s): CVE-2019-4382 Affected product(s) and affected version(s): IBM API Connect 5.0.0.0-5.0.8.6 iFix 1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10886747X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/162162 ...read more


IBM Security Bulletin: Information Disclosure Vulnerability Affects IBM Sterling B2B Integrator (CVE-2019-4377)

Jun 19, 2019 9:01 am EDT | Medium Severity

IBM Sterling B2B Integrator Standard Edition has addressed the information disclosure vulnerability CVE(s): CVE-2019-4377 Affected product(s) and affected version(s):IBM Sterling B2B Integrator 6.0.0.0 – 6.0.0.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10887853X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/162083 ...read more


IBM Security Bulletin: API Connect V2018 is impacted by sensitive information leak (CVE-2018-2013)

Jun 19, 2019 9:01 am EDT | Medium Severity

IBM API Connect has addressed the following vulnerability. CVE(s): CVE-2018-2013 Affected product(s) and affected version(s): Affected IBM API Management Affected Versions IBM API Connect 2018.1-2018.4.1.5 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10882924X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155193 ...read more