High Severity

IBM Security Bulletin: IBM Connections Security Refresh for Apache Struts Remote Code Execution (RCE) Vulnerability (CVE-2018-11776)

Share this post:

Certain versions of Apache Struts 2 Framework are vulnerable to RCE attacks. IBM Connections uses Apache Struts 2, see details below for remediation information.

CVE(s): CVE-2018-11776

Affected product(s) and affected version(s):

The following versions of IBM Connections are impacted:

IBM Connections 6.0
IBM Connections 5.5
IBM Connections 5.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10731343
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148694

More stories

Security Bulletin: IBM MQ for HPE NonStop Server is affected by OpenSSL vulnerability CVE-2022-0778

May 20, 2022 | High Severity

An issue was identifed in OpenSSL when MQ is using it to parse certificates. ...read more

Security Bulletin: OpenSSL publicly disclosed vulnerability affects IBM MobileFirst Platform Foundation

May 17, 2022 | High Severity

IBM MobileFirst Platform Foundation has addressed the following vulnerability by updating the version of OpenSSL ...read more

Security Bulletin: Vulnerabilities in IBM HTTP Server affect IBM Netezza Performance Portal

May 17, 2022 | High Severity

IBM HTTP Server is used by IBM Netezza Performance Portal. IBM Netezza Performance Portal has addressed the applicable CVEs. ...read more