Medium Severity

IBM Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise (CVE-2018-1996)

Share this post:

WebSphere Application Server is shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin.

CVE(s): CVE-2018-1996

Affected product(s) and affected version(s):

Affected Product Name Affected Versions
IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise Edition V2.5, V2.5.0.1, V2.5.02. V2.5.0.3, V2.5.0.4, V2.5.0.5, V2.5.0.6, V2.5.0.7, V2.5.0.8, V2.5.0.9, V2.4, V2.4.0.1, V2.4.0.2, V2.4.0.3, V2.4.0.4, V2.4.0.5

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/960284
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/154650

More stories

Security Bulletin: SQL injection vulnerability in IBM Business Automation Workflow and IBM Business Process Manager (BPM) (CVE-2019-4479)

Feb 26, 2020 7:00 pm EST | Medium Severity

IBM Business Process Manager and IBM Business Automation Workflow is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. ...read more


Security Bulletin: Bypass security restrictions in WAS Liberty

Feb 26, 2020 7:00 pm EST | Medium Severity

IBM MobileFirst Platform Foundation has addressed the following vulnerability. Bypass security restrictions in WAS Liberty . ...read more


Security Bulletin: SQL Injection Vulnerability Affects IBM Sterling B2B Integrator EBICS (CVE-2019-4597)

Feb 25, 2020 7:00 pm EST | Medium Severity

IBM Sterling B2B Integrator has addressed the SQL injection vulnerability. ...read more