High Severity

IBM Security Bulletin: WebSphere MQ is vulnerable to disclosing side channel information via discrepencies between valid and invalid PKCS#1 padding. ROBOT. (CVE-2018-1388)

Share this post:

WebSphere MQ is affected by the ROBOT vulnerability where it may disclose side channel information via discrepencies between valid and invalid PKCS#1 padding.

CVE(s): CVE-2018-1388

Affected product(s) and affected version(s):

WebSphere MQ v7.0.1

  • Maintenance levels 7.0.1.0 – 7.0.1.14

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg22013022
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/138212

More stories

IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX Security Bulletin

Dec 15, 2018 9:01 am EST | High Severity

There are multiple vulnerabilities in IBM SDK Java Technology Edition, Versions 7, 7.1, 8 that are used by AIX. These issues were disclosed as part of the IBM Java SDK updates in October 2018. CVE(s): CVE-2018-3139, CVE-2018-3136, CVE-2018-13785, CVE-2018-3214, CVE-2018-3180, CVE-2018-3149, CVE-2018-3169, CVE-2018-3183 Affected product(s) and affected version(s): AIX 6.1, 7.1, 7.2 VIOS 2.2.x The ...read more


IBM Security Bulletin: Vulnerabilities in GSKit affect IBM Tivoli Directory Server and IBM Security Directory Server for AIX Security Bulletin

Dec 15, 2018 9:00 am EST | High Severity

There are multiple vulnerabilities in GSKit that affect IBM Tivoli Directory Server and IBM Security Directory Server for AIX. CVE(s): CVE-2018-1388, CVE-2018-1427, CVE-2018-1426, CVE-2016-0702, CVE-2018-1447 Affected product(s) and affected version(s): AIX 5.3, 6.1, 7.1, 7.2 VIOS 2.2.x The following fileset levels (VRMF) are vulnerable, if the respective IBM Tivoli Directory Server (ITDS) or IBM Security ...read more


IBM Security Bulletin: IBM Security Guardium is affected by a Using Components with Known Vulnerabilities vulnerability

Dec 14, 2018 9:01 am EST | High Severity

IBM Security Guardium has addressed the following vulnerabilities. CVE(s): CVE-2015-5237, CVE-2017-3162, CVE-2017-3161, CVE-2017-15713, CVE-2016-6811, CVE-2016-5001, CVE-2014-3627, CVE-2014-0229 Affected product(s) and affected version(s): Affected IBM Security Guardium Affected Versions IBM Security Guardium 10.0 – 10.5 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10742863X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/105989X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/125388X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/125387X-Force Database: ...read more