High Severity

IBM Security Bulletin: WebSphere MQ is vulnerable to disclosing side channel information via discrepencies between valid and invalid PKCS#1 padding. ROBOT. (CVE-2018-1388)

Share this post:

WebSphere MQ is affected by the ROBOT vulnerability where it may disclose side channel information via discrepencies between valid and invalid PKCS#1 padding.

CVE(s): CVE-2018-1388

Affected product(s) and affected version(s):

WebSphere MQ v7.0.1

  • Maintenance levels 7.0.1.0 – 7.0.1.14

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg22013022
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/138212

More stories

IBM Security Bulletin: Multiple vulnerabilities were identified in Node.js that affect IBM Cloud App Management V2018

Feb 15, 2019 9:00 am EST | High Severity

Multiple vulnerabilities were identified in Node.js that affected IBM Cloud App Management V2018. The product was updated to use a later version of Node.js to address these security vulnerabilities. CVE(s): CVE-2018-0732, CVE-2018-12115, CVE-2018-7166, CVE-2018-0737 Affected product(s) and affected version(s): IBM Cloud App Management V2018.2 Refer to the following reference URLs for remediation and additional vulnerability ...read more


IBM Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM

Feb 14, 2019 9:00 am EST | High Severity

PowerKVM is affected by vulnerabilities in the Linux kernel . IBM has now addressed these vulnerabilities. CVE(s): CVE-2018-10675, CVE-2018-7566, CVE-2017-13215 Affected product(s) and affected version(s): PowerKVM 3.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10870832X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/142895X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141112X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137560 ...read more


IBM Security Bulletin: Apache Commons FileUpload Vulnerability Can Affect IBM Sterling Order Management (CVE-2016-1000031)

Feb 14, 2019 9:00 am EST | High Severity

IBM Sterling Order Management uses Apache Commons FileUpload and is affected by some of the vulnerabilities that exist in Apache Commons FileUpload. CVE(s): CVE-2016-1000031 Affected product(s) and affected version(s):IBM Sterling Selling and Fulfillment Foundation 9.1.0 through 10.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10870454X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/117957 ...read more