High Severity

IBM Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Sterling Secure Proxy

Share this post:

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 used by IBM Sterling Secure Proxy. These issues were disclosed as part of the IBM Java SDK updates in January 2019.

CVE(s): CVE-2018-12547, CVE-2018-1890, CVE-2019-2426

Affected product(s) and affected version(s):

IBM Sterling Secure Proxy 6.0.0.0 through 6.0.0.0 iFix 1

IBM Sterling Secure Proxy 3.4.3.0 through 3.4.3.2 iFix 4

IBM Sterling Secure Proxy 3.4.2.0 through 3.4.2.0 iFix 17

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10885937
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157512
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152081
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155744

More stories

Security Bulletin: WebSphere Application Server is vulnerable to a remote code execution vulnerability (CVE-2020-4589)

Aug 13, 2020 8:00 pm EDT | High Severity

WebSphere Application Server is vulnerable to a remote code execution vulnerability. This has been addressed. ...read more


Security Bulletin: Db2 vulnerabilities affect IBM Spectrum Protect Server (CVE-2020-4230, CVE-2020-4135, CVE-2020-4204, CVE-2020-4200)

Aug 12, 2020 8:01 pm EDT | High Severity

The IBM Spectrum Protect Server is affected by multiple Db2 vulnerabilities such as privilege escalation, denial of service, and buffer overflow. ...read more


Security Bulletin: Security vulnerability has been identified in BigFix Platform shipped with IBM License Metric Tool.

Aug 12, 2020 8:01 pm EDT | High Severity

BigFix Platform is shipped with IBM License Metric Tool. Information about a security vulnerability affecting BigFix Platform has been published in a security bulletin. ...read more