IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Integration Bus, IBM App Connect Enterpise v11 and WebSphere Message Broker

Summary There are multiple vulnerabilities in IBM® SDK Java Technology Edition, Version 8.0.5.22 & Versions 7.0.10.30 used by IBM Integration Bus & IBM App Connect Enterprise V11. These issues were disclosed as part of the IBM Java SDK updates in October 2018.

CVE(s): CVE-2018-3139, CVE-2018-3180

Affected product(s) and affected version(s):

IBM App Connect Enterprise V11 , V11.0.0.0 – V11.0.0.4

IBM Integration Bus V10.0.0.0 – V10.0.0.16

IBM Integration Bus V9.0.0.0 – V9.0.0.11

WebSphere Message Broker V8.0.0.0 – V8.0.0.9

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10887587
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151455
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151497

The post IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Integration Bus, IBM App Connect Enterpise v11 and WebSphere Message Broker appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ift.tt/2Jq48Yd