High Severity

IBM Security Bulletin: Code execution vulnerability with OpenID connect in WebSphere Application Server Liberty affects IBM WebSphere Application Server in IBM Cloud (CVE-2018-1851)

Share this post:

There is a potential code execution vulnerability in OpenID connect in WebSphere Application Server Liberty.

CVE(s): CVE-2018-1851

Affected product(s) and affected version(s):

This vulnerability affects the following versions and releases of IBM WebSphere Application Server:

  • Liberty

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10742809
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/150999

More stories

IBM Security Bulletin: Open Source Python-paramiko vulnerability affects IBM Netezza Host Management.

Dec 11, 2018 9:02 am EST | High Severity

Open Source Python-paramiko is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVE. CVE(s): CVE-2018-1000805 Affected product(s) and affected version(s): IBM Netezza Host Management 5.4.5.0 – 5.4.22.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10787453X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151370 ...read more


IBM Security Bulletin: Potential Remote code execution vulnerability in WebSphere Application Server (CVE-2018-1904)

Dec 11, 2018 9:01 am EST | High Severity

There is a potential remote code execution vulnerability in WebSphere Application Server (CVE-2018-1904) CVE(s): CVE-2018-1904 Affected product(s) and affected version(s): This vulnerability affects the following versions and releases of IBM WebSphere Application Server: Version 9.0 Version 8.5 Version 8.0 Version 7.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10738735X-Force ...read more


IBM Security Bulletin: Vulnerability in BIND affects Power Hardware Management Console (CVE-2018-5740)

Dec 11, 2018 9:01 am EST | High Severity

Berkeley Internet Name Domain (BIND) is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVE CVE(s): CVE-2018-5740 Affected product(s) and affected version(s): Power HMC V8.6.0.0 Power HMC V8.7.0.0 Power HMC V9.1.910.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10741077X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148131 ...read more