Medium Severity

IBM Security Bulletin: IBM® Db2® LUW on AIX and Linux Affected by a Vulnerability in IBM® Spectrum Scale (CVE-2018-1723). CVE-2018-1723, gpfs, spectrum scale Security Bulletin

Share this post:

Db2 LUW is affected by a vulnerability in IBM® Spectrum Scale Version 4.1.x and 4.2.x that is used by DB2® pureScale™ Feature on AIX and Linux. IBM Spectrum Scale is previously known as General Parallel File System (GPFS).

CVE(s): CVE-2018-1723

Affected product(s) and affected version(s):

All fix pack levels of IBM DB2 V10.5 and V11.1.1 editions running on AIX and Linux are affected, and only for those customers who have DB2® pureScale™ Feature installed.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10734067
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/147373

More stories

IBM Security Bulletin: Information disclosure vulnerability in WebSphere Application Server (CVE-2019-4477)

Sep 16, 2019 5:11 pm EDT | Medium Severity

There is an information disclosure in WebSphere Application Server when using Security Auditing. CVE(s): CVE-2019-4477 Affected product(s) and affected version(s): This vulnerability affects the following versions and releases of IBM WebSphere Application Server: Version 9.0 Version 8.5 Version 8.0 Version 7.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www.ibm.com/support/pages/node/960290X-Force ...read more


IBM Security Bulletin: Cross-site scripting vulnerability in WebSphere Application Server Admin Console (CVE-2019-4270)

Sep 16, 2019 5:11 pm EDT | Medium Severity

There is a potential denial of service in the Admin Console of WebSphere Application Server. CVE(s): CVE-2019-4270 Affected product(s) and affected version(s): This vulnerability affects the following versions and releases of IBM WebSphere Application Server: Version 9.0 Version 8.5 Version 8.0 Version 7.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source ...read more


IBM Security Bulletin: Path traversal vulnerability in WebSphere Application Server Admin Console (CVE-2019-4442)

Sep 16, 2019 3:52 pm EDT | Medium Severity

There is a path traversal vulnerability in the Admin Console of WebSphere Application Server. CVE(s): CVE-2019-4442 Affected product(s) and affected version(s): This vulnerability affects the following versions and releases of IBM WebSphere Application Server: Version 9.0 Version 8.5 Version 8.0 Version 7.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: ...read more