Low Severity

IBM Security Bulletin: A vulnerability in IBM Websphere Application Server could affect IBM Cloud App Management

Share this post:

There is a vulnerability in IBM Websphere Application Server used by IBM® Cloud App Management. WebSphere Application Server could allow a remote attacker to spoof connection information which could be used to launch further attacks against the system. IBM® Cloud App Management has addressed the applicable CVE in a later version.

CVE(s): CVE-2018-1902

Affected product(s) and affected version(s):

IBM Cloud App Management V2018.2.0
IBM Cloud App Management V2018.4.0
IBM Cloud App Management V2018.4.1
IBM Cloud App Management V2019.2.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10958231
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152531

More stories

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Spectrum Protect Backup-Archive Client NetApp Services (CVE-2019-1547, CVE-2019-1549, CVE-2019-1563, CVE-2019-1552)

Mar 18, 2020 8:00 pm EDT | Low Severity

OpenSSL vulnerabilities were disclosed on July 30, 2019 and September 10, 2019 by the OpenSSL Project. OpenSSL is used by the IBM Spectrum Protect Backup-Archive Client for network connections with NetApp services. ...read more


Security Bulletin: Vulnerability in IBM Java Runtime affect Financial Transaction Manager for Corporate Payment Services v2.1.1

Mar 13, 2020 8:00 pm EDT | Low Severity

There is a vulnerability in IBM® Runtime Environment Java™ Version 7 used by Financial Transaction Manager for Corporate Payment Services v2.1.1. Financial Transaction Manager for Corporate Payment Services (FTM CPS) v2.1.1 has addressed the applicable CVE.If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether additional Java vulnerabilities are applicable to your code. For a complete list of vulnerabilities, refer to the "IBM Java SDK Security Bulletin", located in the References section for more information. ...read more