SymmetricalDataSecurity: Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale which allows users to embed arbitrary JavaScript code in the Web UI (CVE-2019-4665)

Tuesday, December 10, 2019

Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale which allows users to embed arbitrary JavaScript code in the Web UI (CVE-2019-4665)

A security vulnerability has been identified in all levels of IBM Spectrum Scale that could allow users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. A fix for this vulnerability is available.

Affected product(s) and affected version(s):

Affected Product(s)	Version(s)
IBM Spectrum Scale	5.0.0.0 – 5.0.4.0
IBM Spectrum Scale	4.2.0.0 – 4.2.3.18

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/1118937

The post Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale which allows users to embed arbitrary JavaScript code in the Web UI (CVE-2019-4665) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ift.tt/2PyVwjO

SymmetricalDataSecurity

Tuesday, December 10, 2019

Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale which allows users to embed arbitrary JavaScript code in the Web UI (CVE-2019-4665)

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews