Low Severity

IBM Security Bulletin: A vulnerability in Apache Commons Compress may affect IBM Cloud App Management V2018

Share this post:

There is a vulnerability in Apache Commons Compress used by IBM® Cloud App Management V2018. IBM® Cloud App Management has addressed the applicable CVE in a later version.

CVE(s): CVE-2018-11771

Affected product(s) and affected version(s):

IBM Cloud App Management V2018.2.0
IBM Cloud App Management V2018.4.0
IBM Cloud App Management V2018.4.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10883280
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148429

More stories

IBM Security Bulletin: Mozilla Firefox vulnerability in IBM SONAS (CVE-2019-11708)

Jul 10, 2019 9:03 am EDT | Low Severity

There is a security vulnerability in versions of Mozilla Firefox that are shipped with versions 1.5.1.0 to 1.5.2.11 of IBM SONAS CVE(s): CVE-2019-11708 Affected product(s) and affected version(s): IBM SONAS The product is affected when running code releases 1.5.1.0 to 1.5.2.11 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10958151X-Force ...read more


IBM Security Bulletin: A vulnerability in IBM Websphere Application Server could affect IBM Cloud App Management

Jul 8, 2019 9:00 am EDT | Low Severity

There is a vulnerability in IBM Websphere Application Server used by IBM® Cloud App Management. WebSphere Application Server could allow a remote attacker to spoof connection information which could be used to launch further attacks against the system. IBM® Cloud App Management has addressed the applicable CVE in a later version. CVE(s): CVE-2018-1902 Affected product(s) ...read more


IBM Security Bulletin: IBM Tivoli Netcool Impact Session Management – Session Fixation

Jul 2, 2019 9:01 am EDT | Low Severity

IBM Tivoli Netcool Impact did not implement proper Session Management. The attacker can fix the users session and lure the victim to login with the Arbitrary session he created, further results into Session hijacking. CVE(s): Not Applicable Affected product(s) and affected version(s): Affected IBM Tivoli Netcool Impact Affected Versions IBM Tivoli Netcool Impact 7.1.0 7.1.0.0 ...read more