Medium Severity

IBM Security Bulletin: Potential Privilege escalation vulnerability in WebSphere Application Server (CVE-2018-1840)

Share this post:

There is a potential privilege elevation vulnerability in WebSphere Application Server after migration from WebSphere Application Server Version 8 when a security domain is configured to use a federated repository other than global federated repository.

CVE(s): CVE-2018-1840

Affected product(s) and affected version(s):

This vulnerability affects the following versions and releases of IBM WebSphere Application Server:

  • Version 9.0
  • Version 8.5

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10735767
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/150813

More stories

IBM Security Bulletin: IBM API Connect is affected by sensitive information leakage in LoopBack (CVE-2019-4382)

Jun 19, 2019 9:01 am EDT | Medium Severity

API Connect has addressed the following vulnerability. CVE(s): CVE-2019-4382 Affected product(s) and affected version(s): IBM API Connect 5.0.0.0-5.0.8.6 iFix 1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10886747X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/162162 ...read more


IBM Security Bulletin: Information Disclosure Vulnerability Affects IBM Sterling B2B Integrator (CVE-2019-4377)

Jun 19, 2019 9:01 am EDT | Medium Severity

IBM Sterling B2B Integrator Standard Edition has addressed the information disclosure vulnerability CVE(s): CVE-2019-4377 Affected product(s) and affected version(s):IBM Sterling B2B Integrator 6.0.0.0 – 6.0.0.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10887853X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/162083 ...read more


IBM Security Bulletin: API Connect V2018 is impacted by sensitive information leak (CVE-2018-2013)

Jun 19, 2019 9:01 am EDT | Medium Severity

IBM API Connect has addressed the following vulnerability. CVE(s): CVE-2018-2013 Affected product(s) and affected version(s): Affected IBM API Management Affected Versions IBM API Connect 2018.1-2018.4.1.5 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10882924X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155193 ...read more