Thursday, May 17, 2018

IBM Security Bulletin: Multiple vulnerabilities within Jackson JSON library affect IBM Business Automation Workflow (CVE-2017-17485, CVE-2018-5968, CVE-2018-7489)

Multiple security vulnerabilities have been reported for Jackson JSON library that is used by IBM Business Automation Workflow.

CVE(s): CVE-2018-7489, CVE-2018-5968, CVE-2017-17485

Affected product(s) and affected version(s):

– IBM Business Automation Workflow V18.0.0.0 is affected by CVE-2017-17485, CVE-2018-5968, CVE-2018-7489

– IBM Business Process Manager V8.6.0.0 through V8.6.0.0 Cumulative Fix 2018.03 is affected by CVE-2017-17485, CVE-2018-5968, CVE-2018-7489

– IBM Business Process Manager V8.5.7.0 through V8.5.7.0 Cumulative Fix 2017.06 is affected by CVE-2018-5968, CVE-2018-7489

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg22015305
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139549
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/138088
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137340

The post IBM Security Bulletin: Multiple vulnerabilities within Jackson JSON library affect IBM Business Automation Workflow (CVE-2017-17485, CVE-2018-5968, CVE-2018-7489) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2wPfLDt
Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)