Medium Severity

IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect WebSphere Message Broker , IBM Integration Bus and IBM App Connect

Share this post:

Multiple vulnerabilities in OpenSSL affect WebSphere Message Broker, IBM Integration Bus and IBM App Connect. The DataDirect ODBC Drivers used by WebSphere Message Broker , IBM App Connect and IBM Integration Bus have addressed the applicable CVEs.

CVE(s): CVE-2017-3735, CVE-2017-3736, CVE-2017-3738, CVE-2018-0737, CVE-2017-3737

Affected product(s) and affected version(s):

IBM App Connect V11

IBM Integration Bus V10, V9

WebSphere Message Broker V8

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10735561
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131047
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/134397
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/136078
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141679
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/136077

More stories

Security Bulletin: There is an information disclosure vulnerability in Liberty for Java (CVE-2020-4329)

Jun 5, 2020 8:00 pm EDT | Medium Severity

There is an information disclosure in WebSphere Application Server Liberty. ...read more


Security Bulletin: Potential spoofing attack in Liberty for Java (CVE-2020-4421)

Jun 5, 2020 8:00 pm EDT | Medium Severity

IBM WebSphere Application Server Liberty using openidConnectServer feature could allow spoofing identity by an authenticated user. This has been addressed. ...read more


Security Bulletin: CVE-2019-2949 may affect IBM® SDK, Java™ Technology Edition used in Liberty for Java

Jun 5, 2020 8:00 pm EDT | Medium Severity

CVE-2019-2949 was disclosed in the Oracle October 2019 Critical Patch Update ...read more