Jul 31, 2018 9:01 am EDT
Categorized: High Severity
Share this post:
A security vulnerability related to Remote Command Execution (RCE), caused by dynamic JSP file builds, has been identified in IBM Platform Symphony 6.1.1, 7.1 Fix Pack 1, 7.1.1 and IBM Spectrum Symphony 7.1.2, 7.2.0.2.
CVE(s): CVE-2018-1595
Affected product(s) and affected version(s):
IBM Platform Symphony 6.1.1, 7.1 Fix Pack 1, and 7.1.1
IBM Spectrum Symphony 7.1.2 and 7.2.0.2
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=isg3T1027819
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143622
from IBM Product Security Incident Response Team https://ift.tt/2ACqsvp
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.