High Severity

IBM Security Bulletin: IBM Connections Security Refresh for Apache Struts Remote Code Execution (RCE) Vulnerability (CVE-2018-11776)

Share this post:

Certain versions of Apache Struts 2 Framework are vulnerable to RCE attacks. IBM Connections uses Apache Struts 2, see details below for remediation information.

CVE(s): CVE-2018-11776

Affected product(s) and affected version(s):

The following versions of IBM Connections are impacted:

IBM Connections 6.0
IBM Connections 5.5
IBM Connections 5.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10731343
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148694

More stories

IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cognos TM1 (CVE-2018-3180, CVE-2018-12547)

Apr 19, 2019 9:00 am EDT | High Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 used by IBM Cognos TM1. These issues were disclosed as part of the IBM Java SDK updates in October 2018 and January 2019. CVE(s): CVE-2018-3180, CVE-2018-12547 Affected product(s) and affected version(s): IBM Cognos TM1 10.2.2 Refer to the following reference URLs for remediation and ...read more


IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cognos Insight (CVE-2018-3180, CVE-2018-12547)

Apr 19, 2019 9:00 am EDT | High Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 used by IBM Cognos Insight. These issues were disclosed as part of the IBM Java SDK updates in October 2018 and January 2019. CVE(s): CVE-2018-3180, CVE-2018-12547 Affected product(s) and affected version(s): IBM Cognos Insight 10.2.2 Refer to the following reference URLs for remediation and ...read more


IBM Security Bulletin: A security vulnerability has been identified in IBM Java Runtime could affect DB2 Query Management Facility (CVE-2018-12547, CVE-2019-2426, CVE-2018-1890, CVE-2018-12549, CVE-2018-11212)

Apr 18, 2019 9:01 am EDT | High Severity

An unspecified vulnerability has been identified in IBM Java Runtime that could affect Db2 Query Management Facility. CVE(s): CVE-2018-12547, CVE-2019-2426, CVE-2018-1890, CVE-2018-12549, CVE-2018-11212 Affected product(s) and affected version(s): Principal Product and Version(s) Affected Supporting Product DB2 Query Management Facility for z/OS v11.1 Query Management Facility Enterprise Edition V11.1 DB2 Query Management Facility for z/OS v11.2 ...read more