Medium Severity

IBM Security Bulletin: IBM Cloud Transformation Advisor is affected by a CVE-2018-1901 vulnerability

Share this post:

IBM Cloud Transformation Advisor has addressed the following vulnerability. CVE-2018-1901

CVE(s): CVE-2018-1901

Affected product(s) and affected version(s):
IBM Cloud Transformation Advisor Continuous Delivery

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10871892
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152530

More stories

IBM Security Bulletin: IBM QRadar WinCollect Agent Does Not Verify TLS Syslog Certificate (CVE-2019-4264)

May 25, 2019 9:01 am EDT | Medium Severity

When configured for TLS Syslog the Wincollect agent does not verify the authenticity or accuracy of the server certificate. Even when a certificate is specified within the WinCollect configuration it is ignored, and any certificate presented by the server is blindly accepted while negotiating TLS. CVE(s): CVE-2019-4264 Affected product(s) and affected version(s):WinCollect Agent 7.1.2 – ...read more


IBM Security Bulletin: Security vulnerability affects the Report Builder shipped with Jazz Reporting Service (CVE-2019-4184)

May 25, 2019 9:01 am EDT | Medium Severity

There is a security vulnerability in the Report Builder shipped with Jazz Reporting Service. CVE(s): CVE-2019-4184 Affected product(s) and affected version(s): Jazz Reporting Service 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6 and 6.0.6.1. Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10884604X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/158974 ...read more


IBM Security Bulletin: A security vulnerability has been addressed in IBM Cognos Analytics (CVE-2019-4139)

May 24, 2019 9:01 am EDT | Medium Severity

This bulletin addresses a security vulnerability that has been fixed in IBM Cognos Analytics 11.1.2 and IBM Cognos Analytics 11.0.13 FP1. A Cross Site Scripting (XSS) vulnerability could allow attackers to inject code into a GET statement when importing visualizations. This has been addressed in the latest available updates. CVE(s): CVE-2019-4139 Affected product(s) and affected ...read more