High Severity

IBM Security Bulletin: Version 8.15.0 of Node.js included in IBM Cloud Event Management 2.3.0 has several security vulnerabilities.

Share this post:

Security Bulletin: Version 8.15.0 of Node.js included in IBM Cloud Event Management 2.3.0 has several security vulnerabilities).

CVE(s): CVE-2019-9516, CVE-2019-9515, CVE-2019-9518, CVE-2019-9517, CVE-2019-9512, CVE-2019-9511, CVE-2019-9514, CVE-2019-9513

Affected product(s) and affected version(s):

IBM Cloud Event Management on IBM Cloud Private Version 2.3.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/1078209
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/165182
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/165181
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164904
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/165183
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164903
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164638
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164640
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164639

More stories

Security Bulletin: Bypass Client-Side Validation vulnerability in Cloud Pak System (CVE-2019-4240)

Nov 20, 2019 12:10 pm EST | High Severity

There is a bypass client-side validation vulnerability in IBM Cloud Pak System formerly known as IBM PureApplication System. It applies to Cloud Pak System, Software, and Service. Cloud Pak System has addressed this vulnerability. Affected product(s) and affected version(s): IBM Cloud Pak System V2.3.0 Refer to the following reference URLs for remediation and additional vulnerability ...read more


Security Bulletin: Inadequate account lockout in Cloud Pak System (CVE-2019-4096)

Nov 20, 2019 11:46 am EST | High Severity

There is inadequate account lockout in IBM Cloud Pak System formerly known as IBM PureApplication System. It applies to Cloud Pak System, Software, and Service. Cloud Pak System has addressed this vulnerability. Affected product(s) and affected version(s): IBM Cloud Pak System V2.3.0 Refer to the following reference URLs for remediation and additional vulnerability details:   ...read more


Security Bulletin: A security vulnerability has been fixed in the IBM Security Identity Manager product (CVE-2019-4561)

Nov 19, 2019 7:00 pm EST | High Severity

CVEID:   CVE-2019-4561 DESCRIPTION:   CVSS Base score: 8CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/166456 for the current score.CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) ...read more