The IBM Streams Web console is potentially vulnerable to cross-site scripting and other related attacks. IBM Streams has addressed the applicable CVE.
CVE(s): CVE-2017-1431
Affected product(s) and affected version(s):
The following versions may be impacted:
- IBM Streams Version 4.2.1.1 and earlier
- IBM InfoSphere Streams Version 4.1.1.4 and earlier
- IBM InfoSphere Streams Version 4.0.1.4 and earlier
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2vNO6kw
X-Force Database: http://ift.tt/2uoR2As
The post IBM Security Bulletin: IBM Streams is potentially affected by a vulnerability caused by parsing text in the Web Console appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2vO3PA1
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.