Medium Severity

IBM Security Bulletin: Vulnerability in OpenSSH affects AIX (CVE-2018-15473) Security Bulletin

Share this post:

Vulnerability in OpenSSH affects AIX.

CVE(s): CVE-2018-15473

Affected product(s) and affected version(s):

AIX 5.3, 6.1, 7.1, 7.2
VIOS 2.2.x

The following fileset levels are vulnerable:

key_fileset = osrcaix

Fileset Lower Level Upper Level KEY
————————————————————-
openssh.base.client 4.0.0.5200 7.5.102.1500 key_w_fs
openssh.base.server 4.0.0.5200 7.5.102.1500 key_w_fs

Note: To determine if your system is vulnerable, execute the following commands:

lslpp -L | grep -i openssh.base.client
lslpp -L | grep -i openssh.base.server

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10733751
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148397

More stories

Security Bulletin: IBM Jazz for Service Management is vulnerable to stored cross-site scripting (CVE-2021-29800)

Sep 21, 2021 8:02 pm EDT | Medium Severity

IBM Jazz for Service Management is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. ...read more


Security Bulletin: OpenSSL publicly disclosed vulnerability affects MessageGateway (CVE-2021-3712)

Sep 21, 2021 8:00 pm EDT | Medium Severity

MessageGateway has addressed the following vulnerability(ies) by updating the version of OpenSSL. ...read more


Security Bulletin: Multiple security vulnerabilities have been fixed in IBM Security Verify Governance, Identity Manager virtual appliance component (ISVG IMVA)

Sep 21, 2021 8:00 pm EDT | Medium Severity

IBM Security Verify Governance, Identity Manager virtual appliance component has addressed the following vulnerabilities. ...read more