SymmetricalDataSecurity: IBM Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-1683, CVE-2018-8039)

Saturday, November 17, 2018

IBM Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-1683, CVE-2018-8039)

Nov 17, 2018 8:00 am EST

Share this post:

WebSphere Application Server is vulnerable to possible man-in-the-middle attacks. This is caused by the failure to encrypt ORB communication or by an Apache CXF vulnerability.

CVE(s): CVE-2018-1683, CVE-2018-8039

Affected product(s) and affected version(s):

Affected Product	Affected Versions
IBM Tivoli Storage Productivity Center	5.2.0 – 5.2.7.1
IBM Spectrum Control	5.2.8 – 5.2.17.0
IBM Spectrum Control	5.3.0

The versions listed above apply to all licensed offerings of IBM Tivoli Storage Productivity Center and IBM Spectrum Control.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10733687
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/145455
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/145516

from IBM Product Security Incident Response Team https://ift.tt/2FBIvnA

SymmetricalDataSecurity

Saturday, November 17, 2018

IBM Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-1683, CVE-2018-8039)

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews