Medium Severity

IBM Security Bulletin: The BigFix Platform versions 9.1 and 9.2 have security vulnerabilities that have been addressed via patch releases

Share this post:

The BigFix Platform verions 9.1 and 9.2 have some vulnerabilities associated with the zlib library, as well as Cross Site Scripting and XML External Entity that have been addressed in patch releases 9.1 patch 11 and 9.2 patch 11 respectively

CVE(s): CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2017-1203, CVE-2017-1219

Affected product(s) and affected version(s):

BigFix Platform Version 9.1, BigFix Platform Version 9.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg22006014
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/120508
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/120509
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/120510
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/120511
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/123678
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/123859

More stories

Security Bulletin: A vulnerability in IBM Java Runtime affects Rational Asset Analyzer

Jul 1, 2020 8:01 pm EDT | Medium Severity

There is a vulnerability in IBM® Runtime Environment Java™ used by Rational Asset analyzer. Rational Asset analyzer has addressed the applicable CVE. ...read more


Security Bulletin: Asset Analyzer (RAA) is affected by a WebSphere Application Server vulnerability

Jul 1, 2020 8:01 pm EDT | Medium Severity

Rational Asset Analyzer (RAA) has addressed the following vulnerability in WebSphere Application Server. ...read more


Security Bulletin: Asset Analyzer (RAA) is affected by a WebSphere Application Server vulnerability

Jul 1, 2020 8:00 pm EDT | Medium Severity

Rational Asset Analyzer (RAA) has addressed the following vulnerability in WebSphere Application Server. ...read more