Medium Severity

IBM Security Bulletin: Cacheable HTTPS Response vulnerability affects IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise Edition (CVE-2019-4461)

Share this post:

IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise has identified and addressed the Cacheable HTTPS Response vulnerability.

CVE(s): CVE-2019-4461

Affected product(s) and affected version(s):

IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5, 2.5.0.1, 2.5.0.2, 2.5.0.3, 2.5.0.4, 2.5.0.5, 2.5.0.6, 2.5.0.7, 2.5.0.8, 2.5.0.9

IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.4, 2.4.0.1, 2.4.0.2, 2.4.0.3, 2.4.0.4, 2.4.0.5

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/1072684
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163682

More stories

Security Bulletin: Resilient is vulnerable to using Python component with known vulnerabilities in RHEL 7

Apr 8, 2020 8:01 pm EDT | Medium Severity

Resilient is vulnerable to using Python component with known vulnerabilities in RHEL 7. CVE-2019-9948 and CVE-2019-9947 are fixed in RHEL7 as part of Errata RHSA-2019:2030 (https://access.redhat.com/errata/RHSA-2019:2030). This update is included in Resilient 34.1.53, released on September 17, 2019, and subsequent versions. ...read more


Security Bulletin: IBM Resilient OnPrem does not properly limit the number or frequency of pssword reset interactions

Apr 8, 2020 8:00 pm EDT | Medium Severity

IBM Resilient OnPrem does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests for password reset ...read more


Security Bulletin: IBM Spectrum Scale Transparent Cloud Tiering is affected by a vulnerability in IBM® Runtime Environment Java™ Version 8

Apr 8, 2020 8:00 pm EDT | Medium Severity

There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM Spectrum Scale Transparent Cloud Tiering. The IBM Spectrum Scale Transparent Cloud Tiering have addressed the applicable CVE. ...read more