Critical Severity

Security Bulletin: IBM API Connect is impacted by multiple vulnerabilities in IBM Http server

Share this post:

IBM API Connect has addressed the following vulnerabilities.

CVE(s): CVE-2017-7679, CVE-2017-9798, CVE-2017-12618, CVE-2017-12613, CVE-2017-15710, CVE-2017-15715, CVE-2018-1301, CVE-2019-0211, CVE-2019-0220, CVE-2018-20843, CVE-2019-10092, CVE-2019-10098, CVE-2020-1927, CVE-2020-1934

Affected product(s) and affected version(s):

API Connect V5.0.0.0-V5.0.8.11

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6489787
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/127420
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132159
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/134048
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/134049
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140858
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140857
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140852
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/158929
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/158948
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163073
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/165367
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/165366
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/178936
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/178937

More stories

Security Bulletin: IBM QRadar Advisor With Watson uses components with known vulnerabilities (CVE-2020-36242, CVE-2021-33503, CVE-2020-28493)

Oct 20, 2021 8:02 pm EDT | Critical Severity

The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. This update addresses these vulnerabilities. ...read more


Security Bulletin: Multiple Vulnerabilities in VMware vCenter affect IBM Cloud Pak System

Oct 20, 2021 8:00 pm EDT | Critical Severity

Multiple vulnerabilities in VMware vCenter plugins affect IBM Cloud Pak System. IBM Cloud Pak System  in response to the vulnerabilities in VMware vCenter, provides the new release of IBM Cloud Pak System V2.3.3.4, with a new vCenter Image.  ...read more


Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs

Oct 19, 2021 8:02 pm EDT | Critical Severity

Cloud Pak for Security (CP4S) v1.7.2.0 and earlier uses packages that are vulnerable to several CVEs. These issues have been addressed in an update. See the Fixes section below for instructions. ...read more