Low Severity

IBM Security Bulletin: Client certificates can be spoofed in Liberty for Java for IBM Cloud (CVE-2018-1902)

Share this post:

There is a potential spoofing vulnerability in IBM WebSphere Application Server.

CVE(s): CVE-2018-1902

Affected product(s) and affected version(s):
This vulnerability affects all versions of Liberty for Java in IBM Cloud up to and including v3.29.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10884316
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152531

More stories

IBM Security Bulletin: IBM MQ Appliance affected by an OpenSSH vulnerability (CVE-2019-6110)

Aug 19, 2019 12:09 pm EDT | Low Severity

IBM MQ Appliance has addressed the following OpenSSH vulnerability. CVE(s): CVE-2019-6110 Affected product(s) and affected version(s): IBM MQ Appliance 8 Maintenance levels between 8.0.0.0 and 8.0.0.11 IBM MQ Appliance 9.1 Long Term Support (LTS) Release Maintenance levels between 9.1.0.0 and 9.1.0.2 IBM MQ Appliance 9.1.x Continuous Delivery (CD) Release Continuous delivery updates 9.1.1 and 9.1.2 ...read more


IBM Security Bulletin: Financial Transaction Manager for Digital Payments: Information Leakage in configuration listing (CVE-2018-1670)

Jul 29, 2019 9:01 am EDT | Low Severity

IBM Financial Transaction Manager for Digital Payments (FTM DP) for Multi-Platform could allow an authenticated user to obtain sensitive product configuration information from log files. CVE(s): CVE-2018-1670 Affected product(s) and affected version(s): FTM DP v3.2.0.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10731497X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144946 ...read more


IBM Security Bulletin: IBM RackSwitch firmware products are affected by vulnerability in OpenSSL (CVE-2018-0734)

Jul 17, 2019 9:01 am EDT | Low Severity

IBM RackSwitch firmware products listed below have addressed the following vulnerability in OpenSSL. CVE(s): CVE-2018-0734 Affected product(s) and affected version(s): Product Affected Version IBM RackSwitch G8000 7.1 IBM RackSwitch G8052 7.9 IBM RackSwitch G8052 7.11 IBM RackSwitch G8124/G8124E 7.11 IBM RackSwitch G8264 7.11 IBM RackSwitch G8264CS 7.8 IBM RackSwitch G8264T 7.9 IBM RackSwitch G8316 7.9 ...read more