Medium Severity

IBM Security Bulletin: Cross-site scripting vulnerability in WebSphere Application Server affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-1643)

Share this post:

There is a potential cross-site scripting vulnerability with the Installation Verification Tool of IBM WebSphere Application Server which affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center).

CVE(s): CVE-2018-1643

Affected product(s) and affected version(s):

Affected Product Affected Versions
IBM Tivoli Storage Productivity Center 5.2.0 – 5.2.7.1
IBM Spectrum Control 5.2.8 – 5.2.13

The versions listed above apply to all licensed offerings of IBM Spectrum Control.

Note that 5.3 versions of IBM Spectrum Control are not affected.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10787515
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144588

More stories

IBM Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in cURL (CVE-2018-16840 CVE-2018-16842)

Apr 24, 2019 9:01 am EDT | Medium Severity

IBM Dynamic System Analysis (DSA) Preboot has addressed the following vulnerabilities in cURL. CVE(s): CVE-2018-16840, CVE-2018-16842 Affected product(s) and affected version(s): Product Affected Version IBM Dynamic System Analysis (DSA) Preboot 9.6 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10882106X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152299X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152300 ...read more


IBM Security Bulletin: API Connect V5 is impacted by vulnerabilities in Bootstrap (CVE-2018-14040 CVE-2018-14041 CVE-2018-14042)

Apr 24, 2019 9:01 am EDT | Medium Severity

IBM API Connect has addressed the following vulnerability. CVE(s): CVE-2018-14042, CVE-2018-14041, CVE-2018-14040 Affected product(s) and affected version(s): Affected IBM API Management Affected Versions IBM API Connect 5.0.0.0-5.0.8.5 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10880955X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/146466X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/146467X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/146468 ...read more


IBM Security Bulletin: IBM InfoSphere Data Quality Exception Console is affected by a Reflected XSS (Cross-Site Scripting) vulnerability

Apr 24, 2019 9:01 am EDT | Medium Severity

A Reflected XSS (Cross-Site Scripting) vulnerability was addressed by IBM InfoSphere Data Quality Exception Console. CVE(s): CVE-2019-4238 Affected product(s) and affected version(s): The following products, running on all supported platforms, are affected: IBM InfoSphere Data Quality Exception Console: versions 11.3, 11.5, and 11.7 IBM InfoSphere Information Server on Cloud: version 11.5, and 11.7 Refer to ...read more