Medium Severity

IBM Security Bulletin: IBM DataPower Gateway is affected by a padding oracle vulnerability (CVE-2019-1559)

Share this post:

IBM DataPower Gateway has addressed the following vulnerability: CVE-2019-1559

CVE(s): CVE-2019-1559

Affected product(s) and affected version(s):

Affected IBM DataPower Gateway Affected Versions
IBM DataPower Gateway 7.5.0.0-7.5.0.20
IBM DataPower Gateway 7.5.1.0-7.5.1.19
IBM DataPower Gateway 7.5.2.0-7.5.2.19
IBM DataPower Gateway 7.6.0.0-7.6.0.13
IBM DataPower Gateway 7.7.0.0-2018.4.1.4

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10883768
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157514

More stories

IBM Security Bulletin: A security vulnerability has been addressed in IBM Cognos Analytics (CVE-2019-4139)

May 24, 2019 9:01 am EDT | Medium Severity

This bulletin addresses a security vulnerability that has been fixed in IBM Cognos Analytics 11.1.2 and IBM Cognos Analytics 11.0.13 FP1. A Cross Site Scripting (XSS) vulnerability could allow attackers to inject code into a GET statement when importing visualizations. This has been addressed in the latest available updates. CVE(s): CVE-2019-4139 Affected product(s) and affected ...read more


IBM Security Bulletin: Cross-site scripting and failure to enforce HTTP Strict Transport Security vulnerabilities in IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-4137, CVE-2019-4138)

May 24, 2019 9:01 am EDT | Medium Severity

IBM Spectrum Control (formerly Tivoli Storage Productivity Center) is vulnerable to cross-site scripting and failure to enforce HTTP Strict Transport Security. CVE(s): CVE-2019-4137, CVE-2019-4138 Affected product(s) and affected version(s): IBM Spectrum Control 5.2.13 – 5.2.17.2 IBM Spectrum Control 5.3.0 – 5.3.2 The versions listed above apply to all licensed offerings of IBM Spectrum Control. Refer ...read more


IBM Security Bulletin: Guardium StealthBits Integration is affected by an OpenSSL vulnerability

May 24, 2019 9:01 am EDT | Medium Severity

IBM Security Guardium is aware of the following vulnerability CVE(s): CVE-2019-1559 Affected product(s) and affected version(s): Affected IBM Security Guardium Affected Versions IBM Security Guardium 10.1.4 – 10.6 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10885200X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157514 ...read more