High Severity

IBM Security Bulletin: IBM Connections Security Refresh for Apache Struts Remote Code Execution (RCE) Vulnerability (CVE-2018-11776)

Share this post:

Certain versions of Apache Struts 2 Framework are vulnerable to RCE attacks. IBM Connections uses Apache Struts 2, see details below for remediation information.

CVE(s): CVE-2018-11776

Affected product(s) and affected version(s):

The following versions of IBM Connections are impacted:

IBM Connections 6.0
IBM Connections 5.5
IBM Connections 5.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10731343
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148694

More stories

IBM Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Sterling Connect:Direct for UNIX

Jun 15, 2019 9:01 am EDT | High Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 8.0.5.25, 8.0.5.20, and 7.0.10.30, used by IBM Sterling Connect:Direct for UNIX. IBM Sterling Connect:Direct for UNIX has addressed the applicable CVEs. CVE(s): CVE-2018-12547, CVE-2018-1890 Affected product(s) and affected version(s): IBM Sterling Connect:Direct for Unix 6.0.0 IBM Sterling Connect:Direct for Unix 4.3.0 IBM Sterling Connect:Direct for ...read more


IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Content Collector for SAP Applications

Jun 14, 2019 9:02 am EDT | High Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 used by IBM Content Collector for SAP Applications. CVE(s): CVE-2018-12547, CVE-2019-2422, CVE-2019-2426 Affected product(s) and affected version(s):IBM Content Collector for SAP Applications 4.0.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10880993X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157512X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155741X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155744 ...read more


IBM Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Sterling Secure Proxy

Jun 14, 2019 9:01 am EDT | High Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 used by IBM Sterling Secure Proxy. These issues were disclosed as part of the IBM Java SDK updates in January 2019. CVE(s): CVE-2018-12547, CVE-2018-1890, CVE-2019-2426 Affected product(s) and affected version(s): IBM Sterling Secure Proxy 6.0.0.0 through 6.0.0.0 iFix 1 IBM Sterling Secure Proxy 3.4.3.0 ...read more