Medium Severity

IBM Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise (CVE-2018-1797)

Share this post:

IBM WebSphere Application Server is shipped as a component of IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin.

CVE(s): CVE-2018-1797

Affected product(s) and affected version(s):

Principal Product and Version(s)

Affected Supporting Product and Version

IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise Edition V2.5, V2.5.0.1, V2.5.02. V2.5.0.3, V2.5.0.4, V2.5.0.5, V2.5.0.6, V2.5.0.7

  • WebSphere Application Server V8.5.5 through V8.5.5.14

IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise V2.4, V2.4.0.1, V2.4.0.2, V2.4.0.3, V2.4.0.4, V2.4.0.5

  • WebSphere Application Server V8.5.0.1 through V8.5.5.12

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10883970
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/149427

More stories

Security Bulletin: IBM Aspera Webapps are vulnerable to cross-site scripting (CVE-2020-11022, CVE-2020-11023).

Sep 17, 2021 8:01 pm EDT | Medium Severity

IBM Aspera Webapps are vulnerable to cross-site scripting. See vulnerability details for more information. ...read more


Security Bulletin: IBM SDK, Java Tech Edition Quarterly CPU – Apr 2021 + Oracle Apr 2021; Jul 2021 + Oracle 2021 CPU

Sep 17, 2021 8:01 pm EDT | Medium Severity

This Security Bulletin provides steps for updating Java for Db2 Query Management Facility QMF Workstation and QMF Vision. ...read more


Security Bulletin: ISC DHCP for IBM i is affected by CVE-2021-25217

Sep 17, 2021 8:01 pm EDT | Medium Severity

ISC DHCP on IBM i is vulnerable to the issue described in the vulnerability details section. IBM i has addressed the vulnerability in the ISC DHCP implementation. ...read more