High Severity

IBM Security Bulletin: Code execution vulnerability with OpenID connect in WebSphere Application Server Liberty affects IBM WebSphere Application Server in IBM Cloud (CVE-2018-1851)

Share this post:

There is a potential code execution vulnerability in OpenID connect in WebSphere Application Server Liberty.

CVE(s): CVE-2018-1851

Affected product(s) and affected version(s):

This vulnerability affects the following versions and releases of IBM WebSphere Application Server:

  • Liberty

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10742809
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/150999

More stories

IBM Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities

Feb 20, 2019 9:00 am EST | High Severity

IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to multiple security vulnerabilities. There are multiple vulnerabilities fixes to open source libraries distributed with IGI, other less secure algorithms for crypto, xss attacks and click jacking attacks. CVE(s): CVE-2018-0124, CVE-2018-0125, CVE-2015-5237, CVE-2013-4517, CVE-2014-3596, CVE-2012-5784, CVE-2013-2186, CVE-2016-3092, CVE-2016-1000031, CVE-2014-0050, CVE-2013-2172, ...read more


IBM Security Bulletin: A vulnerability in Apache Struts affects the IBM FlashSystem 840 and 900

Feb 19, 2019 9:00 am EST | High Severity

There is a vulnerability in Apache Struts which the IBM FlashSystem™ 840 and 900 are susceptible. An exploit of that vulnerability (CVE-2018-11776) could make the system susceptible to attacks which could allow an attacker to execute arbitrary code on the system. CVE(s): CVE-2018-11776 Affected product(s) and affected version(s): FlashSystem 840 machine type and models (MTMs) ...read more


IBM Security Bulletin: A vulnerability in Apache Struts affects the IBM FlashSystem V840

Feb 19, 2019 9:00 am EST | High Severity

There is a vulnerability in Apache Struts which the IBM FlashSystem™ V840 is susceptible. An exploit of that vulnerability (CVE-2018-11776) could make the system susceptible to attacks which could allow an attacker to execute arbitrary code on the system. CVE(s): CVE-2018-11776 Affected product(s) and affected version(s): Storage Node machine type and models (MTMs) affected:9840-AE1 and ...read more