Medium Severity

IBM Security Bulletin: IBM InfoSphere Governance Catalog is affected by a Reflected XSS (Cross-Site Scripting) vulnerability

Share this post:

A Reflected XSS (Cross-Site Scripting) vulnerability was addressed by IBM InfoSphere Governance Catalog.

CVE(s): CVE-2018-1895

Affected product(s) and affected version(s):

The following products, running on all supported platforms, are affected:

IBM InfoSphere Information Governance Catalog: versions 11.3, 11.5, and 11.7

IBM InfoSphere Information Server on Cloud: version 11.5, and 11.7

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10744013
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152159

More stories

IBM Security Bulletin: A vulnerability in IBM WebSphere Application Server affects IBM Spectrum Scale packaged in IBM Elastic Storage Server (CVE-2018-1901)

Apr 20, 2019 9:00 am EDT | Medium Severity

There is a vulnerability in IBM WebSphere Application Server, used by IBM Spectrum Scale. This issue allow a remote attacker to temporarily gain elevated privileges on the system. CVE(s): CVE-2018-1901 Affected product(s) and affected version(s):The Elastic Storage Server 5.3 thru 5.3.2.1 The Elastic Storage Server 5.0.0 thru 5.2.5 The Elastic Storage Server 4.5.0 thru 4.6.0 ...read more


IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Sterling Connect:Express for UNIX (CVE-2018-0734 and CVE-2018-5407)

Apr 18, 2019 9:01 am EDT | Medium Severity

OpenSSL vulnerabilities were disclosed on October 30, 2018 (CVE-2018-0734) and November 02, 2018 (CVE-2018-5407) by the OpenSSL Project. OpenSSL is used by Sterling Connect:Express for UNIX. Sterling Connect:Express for UNIX has addressed the applicable CVEs. CVE(s): CVE-2018-0734, CVE-2018-5407 Affected product(s) and affected version(s): IBM Sterling Connect:Express for UNIX 1.5.0.15 All versions prior to and including ...read more


IBM Security Bulletin: IBM QRadar SIEM is vulnerable to Information Exposure (CVE-2018-1729)

Apr 18, 2019 9:00 am EDT | Medium Severity

The product discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. CVE(s): CVE-2018-1729 Affected product(s) and affected version(s):IBM QRadar SIEM 7.3.0 – 7.3.2 GA Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10881546X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/147708 ...read more