IBM Security Bulletin: Vulnerability in IBM Java SDK affects IBM Process Designer used in IBM Business Automation Workflow, IBM Business Process Manager, and WebSphere Lombardi Edition (CVE-2018-2783)

There is a vulnerability (CVE-2018-2783) in IBM® SDK Java™ Technology Edition that is used by IBM Process Designer in IBM Business Automation Workflow, IBM Business Process Manager, and WebSphere Lombardi Edition. The issue was disclosed as part of the IBM Java SDK updates in April 2018.

CVE(s): CVE-2018-2783

Affected product(s) and affected version(s):

This vulnerability affects IBM Business Automation Workflow V18.0.0.0, IBM Business Process Manager V7.5.0.0 through V8.6.0 2017.12, and WebSphere Lombardi Edition V7.2.0.0 through V7.2.0.5.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22017378
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141939

The post IBM Security Bulletin: Vulnerability in IBM Java SDK affects IBM Process Designer used in IBM Business Automation Workflow, IBM Business Process Manager, and WebSphere Lombardi Edition (CVE-2018-2783) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ift.tt/2txJP2q