High Severity

IBM Security Bulletin: BigFix Platform 9.5.x / 9.2.x affected by multiple vulnerabilities (CVE-2018-0732, CVE-2018-0737, CVE-2018-14618, CVE-2018-1000301)

There are vulnerabilities in the OpenSSL and libcurl libraries used by BigFix. These are addressed in the BigFix Platform 9.5.11 and 9.2.16 releases.

CVE(s): CVE-2018-0732, CVE-2018-0737, CVE-2018-14618, CVE-2018-1000301

Affected product(s) and affected version(s):

Affected IBM BigFix Platform versions:
BigFix Platform 9.5 – 9.5.10
BigFix Platform 9.2 – 9.2.15

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10743283
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144658
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141679
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/149359
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143390
