High Severity

Security Bulletin: H2 Database Vulnerabilities Affect IBM Control Center (CVE-2018-10054, CVE-2018-14335)

Share this post:

H2 Database could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of alias and could allow a remote attacker to obtain sensitive information, caused by improper handling of permissions in the backup function.

CVE(s): CVE-2018-10054, CVE-2018-14335

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Control Center 6.2.0.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6453461
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141388
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/147331

More stories

Security Bulletin: OpenSSH for IBM i is affected by CVE-2021-41617

Dec 1, 2021 7:02 pm EST | High Severity

OpenSSH on IBM i is vulnerable to the issue described in the vulnerability details section. The applicability of the vulnerability is determined by an application's specific use of OpenSSH. IBM i has addressed the CVE in the OpenSSH implementation. ...read more


Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoringhas applied security fixes for its use of Mozilla Firefox

Dec 1, 2021 7:01 pm EST | High Severity

IBM Cloud Pak for Multicloud Management Monitoringhas applied security fixes for its use of Mozilla Firefox. ...read more


Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Dec 1, 2021 7:01 pm EST | High Severity

The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. ...read more