Medium Severity

IBM Security Bulletin: Vulnerabilities in NTPv4 affect AIX (CVE-2018-12327, CVE-2018-7170) Security Bulletin

Share this post:

There is a vulnerability in NTPv4 that affects AIX.

CVE(s): CVE-2018-12327, CVE-2018-7170

Affected product(s) and affected version(s):

AIX 6.1, 7.1, 7.2
VIOS 2.2.x

The vulnerabilities in the following filesets are being addressed:

key_fileset = aix

For NTPv4:

Fileset Lower Level Upper Level KEY
———————————————————
ntp.rte 7.4.2.8100 7.4.2.8110 key_w_fs

To find out whether the affected filesets are installed on your systems, refer to the lslpp command found in AIX user’s guide.

Example: lslpp -L | grep -i ntp.rte

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10744497
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/145120
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139786

More stories

IBM Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in cURL (CVE-2018-16840 CVE-2018-16842)

Apr 24, 2019 9:01 am EDT | Medium Severity

IBM Dynamic System Analysis (DSA) Preboot has addressed the following vulnerabilities in cURL. CVE(s): CVE-2018-16840, CVE-2018-16842 Affected product(s) and affected version(s): Product Affected Version IBM Dynamic System Analysis (DSA) Preboot 9.6 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10882106X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152299X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152300 ...read more


IBM Security Bulletin: API Connect V5 is impacted by vulnerabilities in Bootstrap (CVE-2018-14040 CVE-2018-14041 CVE-2018-14042)

Apr 24, 2019 9:01 am EDT | Medium Severity

IBM API Connect has addressed the following vulnerability. CVE(s): CVE-2018-14042, CVE-2018-14041, CVE-2018-14040 Affected product(s) and affected version(s): Affected IBM API Management Affected Versions IBM API Connect 5.0.0.0-5.0.8.5 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10880955X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/146466X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/146467X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/146468 ...read more


IBM Security Bulletin: IBM InfoSphere Data Quality Exception Console is affected by a Reflected XSS (Cross-Site Scripting) vulnerability

Apr 24, 2019 9:01 am EDT | Medium Severity

A Reflected XSS (Cross-Site Scripting) vulnerability was addressed by IBM InfoSphere Data Quality Exception Console. CVE(s): CVE-2019-4238 Affected product(s) and affected version(s): The following products, running on all supported platforms, are affected: IBM InfoSphere Data Quality Exception Console: versions 11.3, 11.5, and 11.7 IBM InfoSphere Information Server on Cloud: version 11.5, and 11.7 Refer to ...read more