IBM Security Bulletin: Vulnerabilities identified in IBM® Java SDK affect WebSphere Service Registry and Repository and WebSphere Service Registry and Repository Studio (CVE-2018-3139 and CVE-2018-3180)

Nov 27, 2018 8:02 am EST

Categorized: Medium Severity

Share this post:

Vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 used by WebSphere Service Registry and Repository and WebSphere Service Registry and Repository Studio. These issues were disclosed as part of the IBM Java SDK updates in October 2018. These issues are also addressed by WebSphere Application Server Network Deployment shipped with WebSphere Service Registry and Repository.

CVE(s): CVE-2018-3139, CVE-2018-3180

Affected product(s) and affected version(s):

WebSphere Service Registry and Repository and WebSphere Service Registry and Repository Studio V8.0 and V8.5 are affected.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10738633
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151455
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151497

from IBM Product Security Incident Response Team https://ift.tt/2FJh2kf