High Severity

Security Bulletin: Liberty for Java for IBM Cloud is vulnerable to spoofing due to Eclipse Paho (CVE-2019-11777)

Share this post:

There is a vulnerability in the Eclipse Paho library used by Liberty for Java for IBM Cloud with the rtcomm-1.0 or rtcommGateway-1.0 feature enabled. This has been addressed.

CVE(s): CVE-2019-11777

Affected product(s) and affected version(s):

These vulnerabilities affect all versions of Liberty for Java for IBM Cloud up to and including v3.72.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6616659
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/167068

More stories

Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data and Db2 Warehouse® on Cloud Pak for Data

November 30, 2022 | High Severity

IBM has released the below fix for IBM Db2® on Cloud Pak for Data and Db2 Warehouse® on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. ...read more


Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Ansible

November 30, 2022 | High Severity

IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Ansible. ...read more


Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in AWS SDK for Java

November 30, 2022 | High Severity

IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of AWS SDK for Java. ...read more