High Severity

IBM Security Bulletin: Multiple vulnerabilities affect Watson Explorer and IBM Watson Content Analytics (CVE-2018-2579, CVE-2018-2588, CVE-2018-2602, CVE-2018-2603, CVE-2018-2633)

Share this post:

Security vulnerabilities have been identified in IBM® Runtime Environment Java™ Technology Edition that is used by Watson Explorer and IBM Watson Content Analytics.

CVE(s): CVE-2018-2579, CVE-2018-2588, CVE-2018-2602, CVE-2018-2603, CVE-2018-2633

Affected product(s) and affected version(s):

These vulnerabilities apply to the following products and versions:

Affected Product

Affected Versions Applicable Vulnerabilities
IBM Watson Explorer Deep Analytics Edition Foundational Components 12.0.0.0 CVE-2018-2579 CVE-2018-2588 CVE-2018-2602 CVE-2018-2603 CVE-2018-2633
IBM Watson Explorer Deep Analytics Edition Analytical Components 12.0.0.0 CVE-2018-2579 CVE-2018-2588 CVE-2018-2633 CVE-2018-2602 CVE-2018-2603
IBM Watson Explorer Deep Analytics Edition oneWEX 12.0.0.0 CVE-2018-2579 CVE-2018-2588 CVE-2018-2602 CVE-2018-2603 CVE-2018-2633
Affected Product Affected Versions Applicable Vulnerabilities
IBM Watson Explorer Foundational Components 11.0.0.0 – 11.0.0.3, 11.0.1,
11.0.2, 11.0.2.2
CVE-2018-2579 CVE-2018-2588 CVE-2018-2602 CVE-2018-2603 CVE-2018-2633
IBM Watson Explorer Foundational Components 10.0.0.0 – 10.0.0.4 CVE-2018-2579 CVE-2018-2588 CVE-2018-2602 CVE-2018-2603 CVE-2018-2633
IBM Watson Explorer Foundational Components 9.0.0.0 – 9.0.0.8 CVE-2018-2579 CVE-2018-2588 CVE-2018-2602 CVE-2018-2603 CVE-2018-2633
IBM Watson Explorer Foundational Components 8.2 – 8.2-6 CVE-2018-2579 CVE-2018-2588 CVE-2018-2602 CVE-2018-2603 CVE-2018-2633
Affected Product Affected Versions Applicable Vulnerabilities
IBM Watson Explorer Foundational Components Annotation Administration Console 12.0.0.0 CVE-2018-2579 CVE-2018-2588 CVE-2018-2633 CVE-2018-2602 CVE-2018-2603
IBM Watson Explorer Foundational Components Annotation Administration Console 11.0 – 11.0.0.3,
11.0.1,
11.0.2, 11.0.2.2
CVE-2018-2579 CVE-2018-2588 CVE-2018-2633 CVE-2018-2602 CVE-2018-2603
IBM Watson Explorer Foundational Components Annotation Administration Console 10.0 – 10.0.0.4 CVE-2018-2579 CVE-2018-2588 CVE-2018-2633 CVE-2018-2602 CVE-2018-2603
Watson Explorer Analytical Components 11.0.0.0 – 11.0.0.3,
11.0.1,
11.0.2, 11.0.2.2
CVE-2018-2579 CVE-2018-2588 CVE-2018-2633 CVE-2018-2602 CVE-2018-2603
Watson Explorer Analytical Components 10.0.0.0 – 10.0.0.2 CVE-2018-2579 CVE-2018-2588 CVE-2018-2633 CVE-2018-2602 CVE-2018-2603
IBM Watson Content Analytics 3.5.0.0 – 3.5.0.4 CVE-2018-2579 CVE-2018-2588 CVE-2018-2633 CVE-2018-2602 CVE-2018-2603
Affected Product Affected Versions Applicable Vulnerabilities
IBM Watson Explorer Deep Analytics Edition Content Analytics Studio 12.0.0.0 CVE-2018-2579 CVE-2018-2602 CVE-2018-2603 CVE-2018-2633
IBM Watson Explorer Content Analytics Studio 11.0 – 11.0.0.3,
11.0.1
CVE-2018-2579 CVE-2018-2602 CVE-2018-2603 CVE-2018-2633
IBM Watson Explorer Content Analytics Studio 11.0.2, 11.0.2.1,
11.0.2.2
CVE-2018-2579 CVE-2018-2602 CVE-2018-2603 CVE-2018-2633
IBM Watson Explorer Content Analytics Studio 10.0.0.0 – 10.0.0.2 CVE-2018-2602
IBM Watson Content Analytics 3.5.0.0 – 3.5.0.4 CVE-2018-2602

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg22014682
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137833
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137841
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137854
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137855
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137885

More stories

Security Bulletin: IBM Db2® Warehouse has released a fix in response to multiple vulnerabilities found in IBM Db2®

Jan 19, 2022 7:00 pm EST | High Severity

IBM has released the following fix for IBM Db2® Warehouse in response to multiple vulnerabilities found in IBM Db2®. ...read more


Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Strategic Supply Management Platform (CVE-2021-35619)

Jan 18, 2022 7:02 pm EST | High Severity

An Oracle database server vulnerability affects IBM Emptoris Strategic Supply Management Platform. The issue has been addressed. ...read more


Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Program Management (CVE-2021-35619)

Jan 18, 2022 7:02 pm EST | High Severity

An Oracle database server vulnerability affects IBM Emptoris Program Management. The issue has been addressed. ...read more