High Severity

IBM Security Bulletin: WebSphere MQ is vulnerable to disclosing side channel information via discrepencies between valid and invalid PKCS#1 padding. ROBOT. (CVE-2018-1388)

Share this post:

WebSphere MQ is affected by the ROBOT vulnerability where it may disclose side channel information via discrepencies between valid and invalid PKCS#1 padding.

CVE(s): CVE-2018-1388

Affected product(s) and affected version(s):

WebSphere MQ v7.0.1

  • Maintenance levels 7.0.1.0 – 7.0.1.14

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg22013022
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/138212

More stories

Security Bulletin: IBM i2 Analyst's Notebook Memory Corruption Vulnerabilities

Oct 28, 2020 8:02 pm EDT | High Severity

IBM i2 Analyst's Notebook and Analyst's Notebook Premium suffer from some memory corruption vulnerabilities. ...read more


Security Bulletin: Security Vulnerabilities affect IBM Cloud Pak for Data – Golang (CVE-2020-16845)

Oct 28, 2020 8:01 pm EDT | High Severity

Security Vulnerabilities affect IBM Cloud Pak for Data - Golang (CVE-2020-16845) ...read more


Security Bulletin: Apache Struts (Publicly disclosed vulnerability) affects Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections

Oct 28, 2020 8:01 pm EDT | High Severity

Apache Struts is vulnerable to a denial of service, caused by an access permission override when performing a file upload. By sending a specially crafted request, an attacker could exploit this vulnerability to cause subsequent upload actions to fail. ...read more