High Severity

IBM Security Bulletin: IBM Security Identity Manager is affected by multiple vulnerabilities (CVE-2018-1956, CVE-2018-1969, CVE-2018-1967 )

Share this post:

IBM Security Identity Manager (ISIM) has addressed the following vulnerabilities that can allow attackers to compromise user accounts via weak passwords, uploading or transferring dangerous files types, or cross-site scripting.

CVE(s): CVE-2018-1956, CVE-2018-1969, CVE-2018-1967

Affected product(s) and affected version(s):

Product Version
IBM Security Identity Manager 6.0.0 – 6.0.0.20

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10794615
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153628
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153750
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153748

More stories

IBM Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software

Jan 23, 2019 9:01 am EST | High Severity

Multiple Node.js vulnerabilities were disclosed by the Node.js project. Node.js is used by the Cordova tools in IBM Rational Application Developer for WebSphere Software. IBM Rational Application Developer for WebSphere Software has addressed the applicable CVEs. CVE(s): CVE-2018-0734, CVE-2018-0735, CVE-2018-5407, CVE-2018-12116, CVE-2018-12123, CVE-2018-12120, CVE-2018-12121, CVE-2018-12122 Affected product(s) and affected version(s): Rational Application Developer 9.1 Rational ...read more


IBM Security Bulletin: Server Automation is affected by the following vulnerabilities exposures (CVE-2018-8039, CVE-2018-1683, CVE-2018-1755)

Jan 23, 2019 9:01 am EST | High Severity

Server Automation has addressed the following vulnerabilities against the REST module. CVE(s): CVE-2018-8039, CVE-2018-1683, CVE-2018-1755 Affected product(s) and affected version(s): Server Automation REST module, Version 9.5.49 or older. Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10743011X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/145516X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/145455X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148597 ...read more


IBM Security Bulletin: Multiple vulnerabilities affect IBM® SDK for Node.js™ in IBM Cloud

Jan 23, 2019 9:01 am EST | High Severity

OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM SDK for Node.js for IBM Cloud. IBM SDK for Node.js for IBM Cloud has addressed the applicable CVEs. Node.js vulnerabilities were disclosed by the Node.js foundation. Node.js is used by IBM SDK for Node.js for IBM Cloud. IBM SDK for Node.js for ...read more