High Severity

IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM ILOG CPLEX Optimization Studio and IBM CPLEX Enterprise Server (CVE-2018-1890, CVE-2018-12547, CVE-2019-2426)

Share this post:

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7 & 8 used by IBM CPLEX Optimization Studio and IBM CPLEX Enterprise Server. IBM CPLEX Optimization Studio and IBM CPLEX Enterprise Server have addressed the applicable CVEs.

CVE(s): CVE-2018-1890, CVE-2018-12547, CVE-2019-2426

Affected product(s) and affected version(s):
IBM CPLEX Optimization Studio and IBM CPLEX Enterprise Server 12.9 and earlier releases

IBM SDK, Java Technology Edition, Version 7 Service Refresh 10 Fix Pack 35 and earlier releases IBM SDK, Java Technology Edition, Version 8 Service Refresh 5 Fix Pack 27 and earlier releases

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10875674
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152081
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157512
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155744

More stories

IBM Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities CVE-2019-10072

Jul 18, 2019 9:02 am EDT | High Severity

IBM WebSphere Cast Iron Solution has addressed the following vulnerabilities reported in Apache Tomcat v8 CVE(s): CVE-2019-10072 Affected product(s) and affected version(s): App Connect Professional v7.5.3.0. Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10958283X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/162806 ...read more


IBM Security Bulletin: IBM Watson Studio – Local allows mounting glusterFS without security check

Jul 18, 2019 9:00 am EDT | High Severity

Watson Studio Local was allowing glusterFS mounting without any authorization. As long as the user had access to the same network, they could mount gluster volumes in any cluster. Internal implementation has been changed to check for permission before glusterFS mounting is allowed. CVE(s): Not Applicable Affected product(s) and affected version(s): Affected IBM Watson Studio ...read more


IBM Security Bulletin: Multiple vulnerabilities affect Watson Explorer (CVE-2017-14166, CVE-2017-14501, CVE-2017-14502, CVE-2017-14503)

Jul 18, 2019 9:00 am EDT | High Severity

Multiple libarchive vulnerabilities affect Watson Explorer. CVE(s): CVE-2017-14166, CVE-2017-14501, CVE-2017-14502, CVE-2017-14503 Affected product(s) and affected version(s): These vulnerabilities apply to the following products and versions: Watson Explorer Foundational Components version 10.0.0.5 and earlier. Watson Explorer Foundational Components version 11.0.0.3 and earlier, version 11.0.1, version 11.0.2. Watson Explorer Foundational Components version 12.0.1 and earlier. Refer to ...read more