High Severity

IBM Security Bulletin: WebSphere MQ is vulnerable to disclosing side channel information via discrepencies between valid and invalid PKCS#1 padding. ROBOT. (CVE-2018-1388)

Share this post:

WebSphere MQ is affected by the ROBOT vulnerability where it may disclose side channel information via discrepencies between valid and invalid PKCS#1 padding.

CVE(s): CVE-2018-1388

Affected product(s) and affected version(s):

WebSphere MQ v7.0.1

  • Maintenance levels 7.0.1.0 – 7.0.1.14

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg22013022
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/138212

More stories

IBM Security Bulletin: IBM Security Access Manager Appliance is affected by a security vulnerability (CVE-2018-1850)

Oct 19, 2018 9:01 am EDT | High Severity

IBM Security Access Manager appliance is affected by a security vulnerability that could allow unauthorized operations when Advanced Access Control services are running. CVE(s): CVE-2018-1850 Affected product(s) and affected version(s): Affected IBM Security Access Manager Appliance Affected Versions IBM Security Access Manager 9.0.3.1-9.0.5.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source ...read more


IBM Security Bulletin: Security Vulnerabilities in IBM® Java SDK affect Rational Method Composer July 2018 CPU

Oct 19, 2018 9:01 am EDT | High Severity

There are multiple vulnerabilities in IBM Java Development kit, Version 7 which is used by IBM Rational Method Composer (RMC). These issues were disclosed as part of the IBM Java SDK updates in July 2018. CVE(s): CVE-2018-1656, CVE-2018-12539 Affected product(s) and affected version(s): Rational Method Composer 7.5.3 Rational Method Composer 7.5.2.4 Refer to the following ...read more


IBM Security Bulletin: Java Vulnerability Affects IBM Sterling Connect:Direct Browser User Interface (CVE-2018-2783)

Oct 19, 2018 9:01 am EDT | High Severity

There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by IBM Sterling Connect:Direct Browser User Interface. These issues were disclosed as part of the IBM Java SDK updates in April 2018. CVE(s): CVE-2018-2783 Affected product(s) and affected version(s): Connect:Direct Browser User Interface 1.5.0.2 through 1.5.0.2 iFix20 Refer to ...read more