There are multiple vulnerabilities in IBM® Runtime Environment Java™ used by IBM API Connect. These issues were disclosed as part of the IBM Java SDK updates in October 2017, January 2018, and April 2018.
CVE(s): CVE-2017-10295, CVE-2017-10355, CVE-2017-10356, CVE-2018-2603, CVE-2018-2657, CVE-2018-2633, CVE-2018-1417, CVE-2018-2783
Affected product(s) and affected version(s):
IBM API Connect V5.0.0.0 – V5.0.8.3
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-prd-trops.events.ibm.com/node/715673
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133729
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133784
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133785
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137855
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137910
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137885
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/138823
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141939
The post IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM API Connect appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/2KtMlRK
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.