High Severity

IBM Security Bulletin: Multiple vulnerabilities affect Watson Explorer and IBM Watson Content Analytics (CVE-2018-2579, CVE-2018-2588, CVE-2018-2602, CVE-2018-2603, CVE-2018-2633)

Share this post:

Security vulnerabilities have been identified in IBM® Runtime Environment Java™ Technology Edition that is used by Watson Explorer and IBM Watson Content Analytics.

CVE(s): CVE-2018-2579, CVE-2018-2588, CVE-2018-2602, CVE-2018-2603, CVE-2018-2633

Affected product(s) and affected version(s):

These vulnerabilities apply to the following products and versions:

Affected Product

Affected Versions Applicable Vulnerabilities
IBM Watson Explorer Deep Analytics Edition Foundational Components 12.0.0.0 CVE-2018-2579 CVE-2018-2588 CVE-2018-2602 CVE-2018-2603 CVE-2018-2633
IBM Watson Explorer Deep Analytics Edition Analytical Components 12.0.0.0 CVE-2018-2579 CVE-2018-2588 CVE-2018-2633 CVE-2018-2602 CVE-2018-2603
IBM Watson Explorer Deep Analytics Edition oneWEX 12.0.0.0 CVE-2018-2579 CVE-2018-2588 CVE-2018-2602 CVE-2018-2603 CVE-2018-2633
Affected Product Affected Versions Applicable Vulnerabilities
IBM Watson Explorer Foundational Components 11.0.0.0 – 11.0.0.3, 11.0.1,
11.0.2, 11.0.2.2
CVE-2018-2579 CVE-2018-2588 CVE-2018-2602 CVE-2018-2603 CVE-2018-2633
IBM Watson Explorer Foundational Components 10.0.0.0 – 10.0.0.4 CVE-2018-2579 CVE-2018-2588 CVE-2018-2602 CVE-2018-2603 CVE-2018-2633
IBM Watson Explorer Foundational Components 9.0.0.0 – 9.0.0.8 CVE-2018-2579 CVE-2018-2588 CVE-2018-2602 CVE-2018-2603 CVE-2018-2633
IBM Watson Explorer Foundational Components 8.2 – 8.2-6 CVE-2018-2579 CVE-2018-2588 CVE-2018-2602 CVE-2018-2603 CVE-2018-2633
Affected Product Affected Versions Applicable Vulnerabilities
IBM Watson Explorer Foundational Components Annotation Administration Console 12.0.0.0 CVE-2018-2579 CVE-2018-2588 CVE-2018-2633 CVE-2018-2602 CVE-2018-2603
IBM Watson Explorer Foundational Components Annotation Administration Console 11.0 – 11.0.0.3,
11.0.1,
11.0.2, 11.0.2.2
CVE-2018-2579 CVE-2018-2588 CVE-2018-2633 CVE-2018-2602 CVE-2018-2603
IBM Watson Explorer Foundational Components Annotation Administration Console 10.0 – 10.0.0.4 CVE-2018-2579 CVE-2018-2588 CVE-2018-2633 CVE-2018-2602 CVE-2018-2603
Watson Explorer Analytical Components 11.0.0.0 – 11.0.0.3,
11.0.1,
11.0.2, 11.0.2.2
CVE-2018-2579 CVE-2018-2588 CVE-2018-2633 CVE-2018-2602 CVE-2018-2603
Watson Explorer Analytical Components 10.0.0.0 – 10.0.0.2 CVE-2018-2579 CVE-2018-2588 CVE-2018-2633 CVE-2018-2602 CVE-2018-2603
IBM Watson Content Analytics 3.5.0.0 – 3.5.0.4 CVE-2018-2579 CVE-2018-2588 CVE-2018-2633 CVE-2018-2602 CVE-2018-2603
Affected Product Affected Versions Applicable Vulnerabilities
IBM Watson Explorer Deep Analytics Edition Content Analytics Studio 12.0.0.0 CVE-2018-2579 CVE-2018-2602 CVE-2018-2603 CVE-2018-2633
IBM Watson Explorer Content Analytics Studio 11.0 – 11.0.0.3,
11.0.1
CVE-2018-2579 CVE-2018-2602 CVE-2018-2603 CVE-2018-2633
IBM Watson Explorer Content Analytics Studio 11.0.2, 11.0.2.1,
11.0.2.2
CVE-2018-2579 CVE-2018-2602 CVE-2018-2603 CVE-2018-2633
IBM Watson Explorer Content Analytics Studio 10.0.0.0 – 10.0.0.2 CVE-2018-2602
IBM Watson Content Analytics 3.5.0.0 – 3.5.0.4 CVE-2018-2602

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg22014682
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137833
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137841
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137854
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137855
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137885

More stories

IBM Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities (CVE-2019-3855, CVE-2019-3856, CVE-2019-3857, CVE-2019-3863)

Jul 23, 2019 9:01 am EDT | High Severity

IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to address multiple security vulnerabilities. The libssh2 packages that implement the SSH2 protocol is affected by four vulnerabilities. CVE(s): CVE-2019-3855, CVE-2019-3856, CVE-2019-3857, CVE-2019-3863 Affected product(s) and affected version(s):IBM Security Identity Governance and Intelligence (IGI) 5.2, 5.2.1, 5.2.2, 5.2.2.1, 5.2.3, 5.2.3.1, ...read more


IBM Security Bulletin: Multiple vulnerabilities in Oracle Outside In Technology affect IBM Rational DOORS Next Generation

Jul 23, 2019 9:01 am EDT | High Severity

IBM Rational DOORS Next Generation® is affected by multiple vulnerabilities in the Oracle Outside In Technology® that is used as a component. CVE(s): CVE-2019-2610, CVE-2019-2609, CVE-2019-2608, CVE-2019-2705, CVE-2019-2612, CVE-2019-2611, CVE-2019-2613 Affected product(s) and affected version(s):Rational DOORS Next Generation 6.0.6 Rational DOORS Next Generation 6.0.6.1 Previous versions are not affected. Refer to the following reference URLs ...read more


IBM Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU – Apr 2019 – Includes Oracle Apr 2019 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Jul 22, 2019 9:01 am EDT | High Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions – Robotic Response Time. These issues were disclosed as part of the IBM Java SDK updates in April 2019. CVE(s): CVE-2019-10245, CVE-2019-2684, CVE-2019-2602, CVE-2019-2697, CVE-2019-2698, CVE-2019-2699 Affected product(s) and affected ...read more