Medium Severity

IBM Security Bulletin: IBM MQ Appliance is affected by a cross-site scripting vulnerability. (CVE-2018-1667)

Share this post:

IBM MQ Appliance has addressed the following cross-site scripting vulnerability.

CVE(s): CVE-2018-1667

Affected product(s) and affected version(s):

IBM MQ Appliance 9.0.x Continuous Delivery (CD) Release
Continuous delivery updates 9.0.1 and 9.0.5

IBM MQ Appliance 9.1 Long Term Support (LTS) Release
Maintenance level 9.1.0.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10738171
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144893

More stories

IBM Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by information disclosure vulnerability (CVE-2019-6157)

Apr 25, 2019 9:02 am EDT | Medium Severity

IBM Integrated Management Module II (IMM2) has addressed the following information disclosure vulnerability. CVE(s): CVE-2019-6157 Affected product(s) and affected version(s): Product Affected Version IBM Integrated Management Module II (IMM2) for System x & Flex Systems 1AOO IBM Integrated Management Module II (IMM2) for BladeCenter Systems 1AOO Refer to the following reference URLs for remediation and ...read more


IBM Security Bulletin: Security vulnerability affects the Lifecycle Query Engine (LQE) that is shipped with Jazz Reporting Service (CVE-2019-4047)

Apr 25, 2019 9:02 am EDT | Medium Severity

There is a security vulnerability in the Lifecycle Query Engine (LQE) shipped with Jazz Reporting Service. CVE(s): CVE-2019-4047 Affected product(s) and affected version(s): Jazz Reporting Service 6.0.6. Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10882262X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/156243 ...read more


IBM Security Bulletin: Security vulnerability affects the Report Builder that is shipped with Jazz Reporting Service (CVE-2018-2004)

Apr 25, 2019 9:02 am EDT | Medium Severity

There is a security vulnerability in the Report Builder shipped with Jazz Reporting Service. CVE(s): CVE-2018-2004 Affected product(s) and affected version(s): Jazz Reporting Service 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5 and 6.0.6. Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10882260X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155006 ...read more