Low Severity

Security Bulletin: IBM Tivoli Monitoring Basic Services is vulnerable to a denial of service attack in zlib component (CVE-2018-25032)

Share this post:

Fixes a vulnerability reported in the zlib that is used by IBM Tivoli Monitoring for historical data collection (CVE-2018-25032).

CVE(s): CVE-2018-25032

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Tivoli Monitoring 6.3.0 – 6.3.0.7 (up to 6.3.0.7 Service pack 12)

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6825735
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/222615

More stories

Security Bulletin: IBM DataPower Gateway does not invalidate active sessions on a password change (CVE-2022-40228)

November 21, 2022 | Low Severity

If a user password is changed, IBM DataPower Gateway does not immediately invalidate existing active sessions that were created with the old password. This means that a session created using a compromised password could continue to operate after the password has been changed until the session expires. ...read more


Security Bulletin: Vulnerability in Apache HTTP (CVE-2020-13950) affects Power HMC

November 18, 2022 | Low Severity

Apache HTTP webserver is used by IBM Power Hardware Management Console (HMC) for accepting https request and transfer to and fro to internal applications. This bulletin provides a remediation for the impacted vulnerability, CVE-2020-13950 by upgrading IBM Power Hardware Management Console (HMC) respective PTF and thus addressing the exposure to the vulnerability. ...read more


Security Bulletin: Potential vulnerability in Eclipse Jetty affects IBM Operations Analytics – Log Analysis (CVE-2022-2047)

November 17, 2022 | Low Severity

The vulnerability in Eclipse Jetty allows bypass security restrictions. This has been addressed. ...read more