High Severity

IBM Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities

Share this post:

IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to multiple security vulnerabilities. There are multiple vulnerabilities fixes to open source libraries distributed with IGI, other less secure algorithms for crypto, xss attacks and click jacking attacks.

CVE(s): CVE-2018-0124, CVE-2018-0125, CVE-2015-5237, CVE-2013-4517, CVE-2014-3596, CVE-2012-5784, CVE-2013-2186, CVE-2016-3092, CVE-2016-1000031, CVE-2014-0050, CVE-2013-2172, CVE-2013-0248, CVE-2014-0054, CVE-2013-7315, CVE-2013-6429, CVE-2013-4152, CVE-2011-2730, CVE-2010-1622, CVE-2018-1272, CVE-2018-1271, CVE-2018-1270, CVE-2016-9878, CVE-2014-1904, CVE-2013-3060, CVE-2013-1880, CVE-2013-1879, CVE-2012-6551, CVE-2012-6092, CVE-2011-4905, CVE-2015-1830, CVE-2014-8110, CVE-2014-3612, CVE-2014-3600, CVE-2014-3576, CVE-2015-6524, CVE-2015-5254, CVE-2015-5184, CVE-2015-5183, CVE-2015-5182, CVE-2016-0782, CVE-2016-0734, CVE-2016-3088, CVE-2016-6810, CVE-2016-9739, CVE-2016-0357, CVE-2016-0340, CVE-2016-0339, CVE-2016-0338, CVE-2016-0330, CVE-2018-7489, CVE-2018-5968, CVE-2017-7525, CVE-2017-17485, CVE-2017-15095, CVE-2014-0114, CVE-2018-1000199, CVE-2018-8897, CVE-2018-1091, CVE-2018-1087, CVE-2018-1068, CVE-2017-16939, CVE-2018-10915, CVE-2018-5740, CVE-2018-3693, CVE-2018-3646, CVE-2018-3620, CVE-2018-1944, CVE-2018-1945, CVE-2017-7957, CVE-2016-3674, CVE-2013-7285, CVE-2018-1946, CVE-2018-1947, CVE-2018-1948, CVE-2018-1949, CVE-2018-1950

Affected product(s) and affected version(s):
IBM Security Identity Governance and Intelligence (IGI) 5.2, 5.2.1, 5.2.2, 5.2.2.1, 5.2.3, 5.2.3.1, 5.2.3.2, 5.2.4, 5.2.4.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10872142
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139282
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/138770
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/105989
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/89891
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/95377
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/79829
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/88133
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/114336
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/117957
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90987
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85323
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/82618
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/91841
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/95219
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90451
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/86589
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/69688
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/59573
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141286
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141285
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141284
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/120241
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/91890
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/83719
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/103075
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85586
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/83718
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/83720
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/71620
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/105644
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/100724
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/100723
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/100722
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/107290
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/106187
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/109632
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132635
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132634
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132633
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/111420
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/111421
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/113414
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/119699
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/119789
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/111896
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/111780
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/111749
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/111748
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/111693
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139549
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/138088
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/134639
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137340
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/135123
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/92889
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/142654
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/142242
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140892
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/142976
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140403
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/135317
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148225
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148131
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/146191
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148319
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148318
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153386
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153387
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/125800
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/111806
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90229
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153388
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153427
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153428
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153429
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153430

More stories

IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX

Oct 10, 2019 9:02 am EDT | High Severity

There are multiple vulnerabilities in IBM SDK Java Technology Edition, Versions 7, 7.1, 8 used by AIX. AIX has addressed the applicable CVEs. CVE(s): CVE-2019-11775, CVE-2019-11772, CVE-2019-2766, CVE-2019-2786, CVE-2019-2816, CVE-2019-2762, CVE-2019-2769, CVE-2019-7317, CVE-2019-4473, CVE-2019-11771 Affected product(s) and affected version(s): AIX 7.1, 7.2 VIOS 2.2, 3.1 The following fileset levels (VRMF) are vulnerable, if the respective ...read more


IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM SPSS Modeler (CVE-2019-4473,CVE-2019-11771)

Oct 9, 2019 9:02 am EDT | High Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version JRE7SR10FP10, JRE8SR4FP10 and JRE8SR5FP25 used by IBM SPSS Modeler on AIX 64-bit pSeries platform. These issues were disclosed as part of the IBM Java SDK updates in July 2019. CVE(s): CVE-2019-4473, CVE-2019-11771 Affected product(s) and affected version(s): IBM SPSS Modeler 17.0.0.1 and earlier IBM SPSS ...read more


IBM Security Bulletin: Multiple vulnerabilities affect IBM® SDK for Node.js™ in IBM Cloud

Oct 8, 2019 9:02 am EDT | High Severity

Node.js, as well as many other implementations of HTTP/2, have been found vulnerable to Denial of Service attacks. CVE(s): CVE-2019-9517, CVE-2019-9518, CVE-2019-9515, CVE-2019-9516, CVE-2019-9513, CVE-2019-9514, CVE-2019-9511, CVE-2019-9512 Affected product(s) and affected version(s): These vulnerabilities affect Node.js v8.15.1 and earlier releases. These vulnerabilities affect Node.js v10.15.2 and earlier releases. These vulnerabilities affect Node.js v12.7.1 and earlier ...read more