Medium Severity

IBM Security Bulletin: Multiple vulnerabilities in Open Source Libreswan affect IBM Netezza Host Management

Share this post:

Open Source Libreswan is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVEs.

CVE(s): CVE-2019-12312, CVE-2019-10155

Affected product(s) and affected version(s):

  • IBM Netezza Host Management 5.4.7.0 – 5.4.24.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10961690
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/161562
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/162652

More stories

IBM Security Bulletin: IBM Security Key Lifecycle Manager uses Weak password policy (CVE-2019-4565)

Sep 18, 2019 9:02 am EDT | Medium Severity

IBM Security Key Lifecycle Manager does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. CVE(s): CVE-2019-4565 Affected product(s) and affected version(s): Principal Product and Version(s) IBM Security Key Lifecycle Manager (SKLM) v3.0 – v3.0.0.2 on distributed platforms IBM Security Key Lifecycle Manager (SKLM) ...read more


IBM Security Bulletin: Path Traversal exposure in the Save/Export function of the FTM OAC

Sep 17, 2019 9:00 am EDT | Medium Severity

The “Save/Export” function available on all search result displays (tabulated results) is potentially vulnerable to a Path Traversal type attack. CVE(s): CVE-2018-1847 Affected product(s) and affected version(s): Principal Product and Version(s) Financial Transaction Manager for MP v2.0.0.0 through 2.0.0.5 Financial Transaction Manager for MP v2.1.0.0 through 2.1.0.4 Financial Transaction Manager for MP v2.1.1.0 through 2.1.1.4 ...read more


IBM Security Bulletin: Information disclosure vulnerability in WebSphere Application Server (CVE-2019-4477)

Sep 16, 2019 5:11 pm EDT | Medium Severity

There is an information disclosure in WebSphere Application Server when using Security Auditing. CVE(s): CVE-2019-4477 Affected product(s) and affected version(s): This vulnerability affects the following versions and releases of IBM WebSphere Application Server: Version 9.0 Version 8.5 Version 8.0 Version 7.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www.ibm.com/support/pages/node/960290X-Force ...read more