IBM Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Sterling Connect:Direct for UNIX

Jun 15, 2019 9:01 am EDT | High Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 8.0.5.25, 8.0.5.20, and 7.0.10.30, used by IBM Sterling Connect:Direct for UNIX. IBM Sterling Connect:Direct for UNIX has addressed the applicable CVEs. CVE(s): CVE-2018-12547, CVE-2018-1890 Affected product(s) and affected version(s): IBM Sterling Connect:Direct for Unix 6.0.0 IBM Sterling Connect:Direct for Unix 4.3.0 IBM Sterling Connect:Direct for ...read more


IBM Security Bulletin: IBM Cloud Private Platform-UI is vulnerable to a cross-site request forgery attack (CVE-2019-4142)

Jun 15, 2019 9:00 am EDT | Medium Severity

IBM Cloud Private Platform-UI is vulnerable to a cross-site request forgery attack CVE(s): CVE-2019-4142 Affected product(s) and affected version(s):IBM Cloud Private 2.1.x, 3.1.0, 3.1.1, 3.1.2 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10885434X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/158338 ...read more


IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Content Collector for SAP Applications

Jun 14, 2019 9:02 am EDT | High Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 used by IBM Content Collector for SAP Applications. CVE(s): CVE-2018-12547, CVE-2019-2422, CVE-2019-2426 Affected product(s) and affected version(s):IBM Content Collector for SAP Applications 4.0.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10880993X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157512X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155741X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155744 ...read more


IBM Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Sterling Secure Proxy

Jun 14, 2019 9:01 am EDT | High Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 used by IBM Sterling Secure Proxy. These issues were disclosed as part of the IBM Java SDK updates in January 2019. CVE(s): CVE-2018-12547, CVE-2018-1890, CVE-2019-2426 Affected product(s) and affected version(s): IBM Sterling Secure Proxy 6.0.0.0 through 6.0.0.0 iFix 1 IBM Sterling Secure Proxy 3.4.3.0 ...read more


IBM Security Bulletin: IBM Tivoli Netcool Impact Remote Code Execution (CVE-2019-4103)

Jun 14, 2019 9:01 am EDT | High Severity

IBM Tivoli Netcool Impact allows for remote execution of command by low privileged User. Remote code execution allow to execute arbitrary code on system which lead to take control over the system. CVE(s): CVE-2019-4103 Affected product(s) and affected version(s): Affected IBM Tivoli Netcool Impact Affected Versions IBM Tivoli Netcool Impact 7.1.0 7.1.0.0 ~ 7.1.0.15 Refer ...read more


IBM Security Bulletin: IBM InfoSphere Information Server is affected by a XXE (XML External Entity) Injection vulnerability

Jun 14, 2019 9:01 am EDT | High Severity

An XXE (XML External Entity) Injection vulnerability was addressed by IBM InfoSphere Information Server. CVE(s): CVE-2018-1845 Affected product(s) and affected version(s): The following products, running on all supported platforms, are affected: IBM InfoSphere Information Server: versions 11.3, 11.5, and 11.7 IBM InfoSphere Information Governance Catalog: versions 11.3, 11.5, and 11.7 IBM InfoSphere Information Server on ...read more


IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM InfoSphere Information Server

Jun 14, 2019 9:01 am EDT | High Severity

There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Versions 7 and 8 that are used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in July 2018. CVE(s): CVE-2017-3736, CVE-2017-3732, CVE-2016-0705, CVE-2018-1517, CVE-2018-1656, CVE-2018-2973, CVE-2018-2952, CVE-2018-2940 Affected product(s) and affected version(s): The following products, ...read more


IBM Security Bulletin: IBM Notes 9 and Domino 9 are affected by Open Source James Clark Expat Vulnerabilities (CVE-2013-0340, CVE-2013-0341)

Jun 14, 2019 9:00 am EDT | Medium Severity

IBM Notes 9 and Domino 9 consume Open Source James Clark Expat for which the vulnerabilities are reported. Expat is vulnerable to a denial of service, caused by the improper handling of internal entity expansion. IBM has addressed these vulnerabilities by updating fixes provided by HP to the existing Keyview library. CVE(s): CVE-2013-0340, CVE-2013-0341 Affected ...read more


IBM Security Bulletin: IBM Cognos Controller 2019Q2 Security Updater: Multiple vulnerabilities have been identified in IBM Cognos Controller

Jun 14, 2019 9:00 am EDT | High Severity

This bulletin addresses several security vulnerabilities that are fixed in IBM Cognos Controller. There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7 and the IBM® Runtime Environment Java™ Technology Edition, Version 8 that are used by IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1 and 10.4. These issues were disclosed as part ...read more