Medium Severity

IBM Security Bulletin: IBM DataPower Gateways is affected by a downgrade vulnerability (CVE-2018-1663)

Share this post:

IBM DataPower Gateway has addressed the following vulnerability: CVE-2018-1663

CVE(s): CVE-2018-1663

Affected product(s) and affected version(s):

IBM DataPower Gateway 7.7.0.0-7.7.1.3 (CD)
IBM DataPower Gateway 7.6.0.0-7.6.0.9
IBM DataPower Gateway 7.5.2.0-7.5.2.16
IBM DataPower Gateway 7.5.1.0.-7.5.1.16
IBM DataPower Gateway 7.5.0.0-7.5.0.17

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10740033
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144889

More stories

IBM Security Bulletin: Potential cross-site request forgery in WebSphere Application Server Admin Console (CVE-2018-1926)

Dec 11, 2018 9:02 am EST | Medium Severity

There is a potential cross-site request forgery in WebSphere Application Server Admin Console (CVE-2018-1926) CVE(s): CVE-2018-1926 Affected product(s) and affected version(s): This vulnerability affects the following: WebSphere Application Server Version 9.0 WebSphere Application Server Version 8.5 WebSphere Virtual Enterprise Version 8.0 WebSphere Virtual Enterprise Version 7.0 Refer to the following reference URLs for remediation and ...read more


IBM Security Bulletin: Potential Privilege Escalation Vulnerability in WebSphere Application Server (CVE-2018-1901)

Dec 11, 2018 9:01 am EST | Medium Severity

There is a timing window where there could be a privilege escalation vulnerability in WebSphere Application Server. CVE(s): CVE-2018-1901 Affected product(s) and affected version(s): This vulnerability affects the following versions and releases of IBM WebSphere Application Server: Liberty Version 9.0 Version 8.5 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: ...read more


IBM Security Bulletin: Multiple Security Vulnerabilities affect IBM Cloud Private (CVE-2018-1060, CVE-2018-1061)

Dec 11, 2018 9:01 am EST | Medium Severity

IBM Cloud Private and IBM Cloud Automation Manager component are vulnerable to multiple security vulnerabilities CVE(s): CVE-2018-1060, CVE-2018-1061 Affected product(s) and affected version(s): IBM Cloud Private 2.1.0 – 3.1.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10740279X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/145116X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/145115 ...read more